Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-5994 (GCVE-0-2025-5994)
Vulnerability from cvelistv5 – Published: 2025-07-16 14:38 – Updated: 2025-11-03 18:13
VLAI?
EPSS
Summary
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the 'send-client-subnet', 'client-subnet-zone' or 'client-subnet-always-forward' options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies.
Severity ?
CWE
- CWE-349 - Acceptance of Extraneous Untrusted Data With Trusted Data
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NLnet Labs | Unbound |
Affected:
1.6.2 , < 1.23.0
(semver)
|
Credits
Xiang Li (AOSP Lab, Nankai University)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-16T15:42:14.147972Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T15:42:18.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T18:13:56.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Unbound",
"vendor": "NLnet Labs",
"versions": [
{
"lessThan": "1.23.0",
"status": "affected",
"version": "1.6.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Xiang Li (AOSP Lab, Nankai University)"
}
],
"datePublic": "2025-07-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A multi-vendor cache poisoning vulnerability named \u0027Rebirthday Attack\u0027 has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., \u0027--enable-subnet\u0027, AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the \u0027send-client-subnet\u0027, \u0027client-subnet-zone\u0027 or \u0027client-subnet-always-forward\u0027 options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/R:U/V:C",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Compiled and configured for ECS support"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-349",
"description": "CWE-349 Acceptance of Extraneous Untrusted Data With Trusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T14:38:22.738Z",
"orgId": "206fc3a0-e175-490b-9eaa-a5738056c9f6",
"shortName": "NLnet Labs"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in 1.23.1 and all later versions. Not using EDNS Client Subnet (ECS) is also a mitigation for affected versions."
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-02T00:00:00.000Z",
"value": "Issue reported by Xiang Li"
},
{
"lang": "en",
"time": "2025-01-03T00:00:00.000Z",
"value": "Issue acknowledged by NLnet Labs"
},
{
"lang": "en",
"time": "2025-01-08T00:00:00.000Z",
"value": "Mitigation shared with Xiang Li"
},
{
"lang": "en",
"time": "2025-07-16T00:00:00.000Z",
"value": "Fix released with Unbound 1.23.1 (coordinated with other vendors)"
}
],
"title": "Cache poisoning via the ECS-enabled Rebirthday Attack"
}
},
"cveMetadata": {
"assignerOrgId": "206fc3a0-e175-490b-9eaa-a5738056c9f6",
"assignerShortName": "NLnet Labs",
"cveId": "CVE-2025-5994",
"datePublished": "2025-07-16T14:38:22.738Z",
"dateReserved": "2025-06-11T09:08:05.767Z",
"dateUpdated": "2025-11-03T18:13:56.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-5994\",\"sourceIdentifier\":\"sep@nlnetlabs.nl\",\"published\":\"2025-07-16T15:15:33.490\",\"lastModified\":\"2025-11-03T19:16:14.563\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A multi-vendor cache poisoning vulnerability named \u0027Rebirthday Attack\u0027 has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., \u0027--enable-subnet\u0027, AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the \u0027send-client-subnet\u0027, \u0027client-subnet-zone\u0027 or \u0027client-subnet-always-forward\u0027 options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto una vulnerabilidad de envenenamiento de cach\u00e9 multiproveedor, denominada \\\"Ataque Rebirthday\\\", en resolutores de cach\u00e9 compatibles con EDNS Client Subnet (ECS). Unbound tambi\u00e9n es vulnerable cuando se compila con compatibilidad con ECS (es decir, con \\\"--enable-subnet\\\") y se configura para enviar informaci\u00f3n de ECS junto con consultas a servidores de nombres ascendentes (es decir, se utiliza al menos una de las opciones \\\"send-client-subnet\\\", \\\"client-subnet-zone\\\" o \\\"client-subnet-always-forward\\\"). Los resolutores compatibles con ECS deben segregar las consultas salientes para adaptarlas a la diferente informaci\u00f3n de ECS saliente. Esto expone a los resolutores a un ataque de paradoja de cumplea\u00f1os (Ataque Rebirthday), que intenta coincidir con el ID de transacci\u00f3n DNS para almacenar en cach\u00e9 respuestas t\u00f3xicas que no sean de ECS.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sep@nlnetlabs.nl\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:C/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"sep@nlnetlabs.nl\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-349\"}]}],\"references\":[{\"url\":\"https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt\",\"source\":\"sep@nlnetlabs.nl\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/08/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-5994\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-16T15:42:14.147972Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-16T15:42:16.296Z\"}}], \"cna\": {\"title\": \"Cache poisoning via the ECS-enabled Rebirthday Attack\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Xiang Li (AOSP Lab, Nankai University)\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/R:U/V:C\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"Compiled and configured for ECS support\"}]}], \"affected\": [{\"vendor\": \"NLnet Labs\", \"product\": \"Unbound\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.6.2\", \"lessThan\": \"1.23.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-01-02T00:00:00.000Z\", \"value\": \"Issue reported by Xiang Li\"}, {\"lang\": \"en\", \"time\": \"2025-01-03T00:00:00.000Z\", \"value\": \"Issue acknowledged by NLnet Labs\"}, {\"lang\": \"en\", \"time\": \"2025-01-08T00:00:00.000Z\", \"value\": \"Mitigation shared with Xiang Li\"}, {\"lang\": \"en\", \"time\": \"2025-07-16T00:00:00.000Z\", \"value\": \"Fix released with Unbound 1.23.1 (coordinated with other vendors)\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"This issue is fixed in 1.23.1 and all later versions. Not using EDNS Client Subnet (ECS) is also a mitigation for affected versions.\"}], \"datePublic\": \"2025-07-16T00:00:00.000Z\", \"references\": [{\"url\": \"https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A multi-vendor cache poisoning vulnerability named \u0027Rebirthday Attack\u0027 has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., \u0027--enable-subnet\u0027, AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the \u0027send-client-subnet\u0027, \u0027client-subnet-zone\u0027 or \u0027client-subnet-always-forward\u0027 options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-349\", \"description\": \"CWE-349 Acceptance of Extraneous Untrusted Data With Trusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"206fc3a0-e175-490b-9eaa-a5738056c9f6\", \"shortName\": \"NLnet Labs\", \"dateUpdated\": \"2025-07-16T14:38:22.738Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-5994\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-16T15:42:18.657Z\", \"dateReserved\": \"2025-06-11T09:08:05.767Z\", \"assignerOrgId\": \"206fc3a0-e175-490b-9eaa-a5738056c9f6\", \"datePublished\": \"2025-07-16T14:38:22.738Z\", \"assignerShortName\": \"NLnet Labs\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-0789
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar App SDK versions ant\u00e9rieures \u00e0 2.2.4",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Investigation Assistant versions ant\u00e9rieures \u00e0 1.1.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP13 IF02 ",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38380"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2025-38250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38250"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-6032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6032"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2021-47670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47670"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2024-56644",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56644"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0789",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244786",
"url": "https://www.ibm.com/support/pages/node/7244786"
},
{
"published_at": "2025-09-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244264",
"url": "https://www.ibm.com/support/pages/node/7244264"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244494",
"url": "https://www.ibm.com/support/pages/node/7244494"
}
]
}
CERTFR-2025-AVI-0789
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar App SDK versions ant\u00e9rieures \u00e0 2.2.4",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Investigation Assistant versions ant\u00e9rieures \u00e0 1.1.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP13 IF02 ",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38380"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2025-38250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38250"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-6032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6032"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2021-47670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47670"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2024-56644",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56644"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0789",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244786",
"url": "https://www.ibm.com/support/pages/node/7244786"
},
{
"published_at": "2025-09-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244264",
"url": "https://www.ibm.com/support/pages/node/7244264"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7244494",
"url": "https://www.ibm.com/support/pages/node/7244494"
}
]
}
RHSA-2025:11849
Vulnerability from csaf_redhat - Published: 2025-07-28 09:02 - Updated: 2025-11-21 19:20Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:11849",
"url": "https://access.redhat.com/errata/RHSA-2025:11849"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_11849.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:20:56+00:00",
"generator": {
"date": "2025-11-21T19:20:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:11849",
"initial_release_date": "2025-07-28T09:02:41+00:00",
"revision_history": [
{
"date": "2025-07-28T09:02:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-28T09:02:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:20:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-19.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "unbound-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "unbound-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-19.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-dracut@1.16.2-19.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-19.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-19.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-19.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-19.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-19.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"product": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"product_id": "unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-19.el9_6.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "unbound-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "unbound-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-dracut@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"product": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"product_id": "unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-19.el9_6.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-19.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "unbound-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "unbound-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-19.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-dracut@1.16.2-19.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-19.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-19.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-19.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-19.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-19.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"product": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"product_id": "unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-19.el9_6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-19.el9_6.1.i686",
"product": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.i686",
"product_id": "unbound-libs-0:1.16.2-19.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-19.el9_6.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"product": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"product_id": "unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-19.el9_6.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product_id": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-19.el9_6.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product_id": "unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-19.el9_6.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product_id": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-19.el9_6.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-19.el9_6.1.i686",
"product": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.i686",
"product_id": "unbound-devel-0:1.16.2-19.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-19.el9_6.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"product_id": "python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-19.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "unbound-0:1.16.2-19.el9_6.1.s390x",
"product_id": "unbound-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-19.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"product_id": "unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-dracut@1.16.2-19.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"product_id": "unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-19.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"product_id": "unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-19.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product_id": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-19.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product_id": "unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-19.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product_id": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-19.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"product": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"product_id": "unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-19.el9_6.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.16.2-19.el9_6.1.src",
"product": {
"name": "unbound-0:1.16.2-19.el9_6.1.src",
"product_id": "unbound-0:1.16.2-19.el9_6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-19.el9_6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.src",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-28T09:02:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11849"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.src",
"CRB-9.6.0.Z.MAIN.EUS:unbound-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-dracut-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-19.el9_6.1.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.i686",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.s390x",
"CRB-9.6.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-19.el9_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:12523
Vulnerability from csaf_redhat - Published: 2025-08-04 15:19 - Updated: 2025-11-21 19:21Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12523",
"url": "https://access.redhat.com/errata/RHSA-2025:12523"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12523.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:21:35+00:00",
"generator": {
"date": "2025-11-21T19:21:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:12523",
"initial_release_date": "2025-08-04T15:19:40+00:00",
"revision_history": [
{
"date": "2025-08-04T15:19:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-04T15:19:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:21:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-3.el9_2.5.aarch64",
"product": {
"name": "python3-unbound-0:1.16.2-3.el9_2.5.aarch64",
"product_id": "python3-unbound-0:1.16.2-3.el9_2.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-3.el9_2.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-3.el9_2.5.aarch64",
"product": {
"name": "unbound-0:1.16.2-3.el9_2.5.aarch64",
"product_id": "unbound-0:1.16.2-3.el9_2.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-3.el9_2.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-3.el9_2.5.aarch64",
"product": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.aarch64",
"product_id": "unbound-libs-0:1.16.2-3.el9_2.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-3.el9_2.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64",
"product": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64",
"product_id": "unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-3.el9_2.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-3.el9_2.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product_id": "unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-3.el9_2.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-3.el9_2.5?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-3.el9_2.5.ppc64le",
"product": {
"name": "python3-unbound-0:1.16.2-3.el9_2.5.ppc64le",
"product_id": "python3-unbound-0:1.16.2-3.el9_2.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-3.el9_2.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-3.el9_2.5.ppc64le",
"product": {
"name": "unbound-0:1.16.2-3.el9_2.5.ppc64le",
"product_id": "unbound-0:1.16.2-3.el9_2.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-3.el9_2.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-3.el9_2.5.ppc64le",
"product": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.ppc64le",
"product_id": "unbound-libs-0:1.16.2-3.el9_2.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-3.el9_2.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le",
"product": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le",
"product_id": "unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-3.el9_2.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product_id": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-3.el9_2.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product_id": "unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-3.el9_2.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product_id": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-3.el9_2.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-3.el9_2.5.x86_64",
"product": {
"name": "python3-unbound-0:1.16.2-3.el9_2.5.x86_64",
"product_id": "python3-unbound-0:1.16.2-3.el9_2.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-3.el9_2.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-3.el9_2.5.x86_64",
"product": {
"name": "unbound-0:1.16.2-3.el9_2.5.x86_64",
"product_id": "unbound-0:1.16.2-3.el9_2.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-3.el9_2.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-3.el9_2.5.x86_64",
"product": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.x86_64",
"product_id": "unbound-libs-0:1.16.2-3.el9_2.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-3.el9_2.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64",
"product": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64",
"product_id": "unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-3.el9_2.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-3.el9_2.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product_id": "unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-3.el9_2.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-3.el9_2.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-3.el9_2.5.i686",
"product": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.i686",
"product_id": "unbound-libs-0:1.16.2-3.el9_2.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-3.el9_2.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.i686",
"product": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.i686",
"product_id": "unbound-debugsource-0:1.16.2-3.el9_2.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-3.el9_2.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product_id": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-3.el9_2.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product_id": "unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-3.el9_2.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product_id": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-3.el9_2.5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-3.el9_2.5.s390x",
"product": {
"name": "python3-unbound-0:1.16.2-3.el9_2.5.s390x",
"product_id": "python3-unbound-0:1.16.2-3.el9_2.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-3.el9_2.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-3.el9_2.5.s390x",
"product": {
"name": "unbound-0:1.16.2-3.el9_2.5.s390x",
"product_id": "unbound-0:1.16.2-3.el9_2.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-3.el9_2.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-3.el9_2.5.s390x",
"product": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.s390x",
"product_id": "unbound-libs-0:1.16.2-3.el9_2.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-3.el9_2.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.s390x",
"product": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.s390x",
"product_id": "unbound-debugsource-0:1.16.2-3.el9_2.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-3.el9_2.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product_id": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-3.el9_2.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product_id": "unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-3.el9_2.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product_id": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-3.el9_2.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.16.2-3.el9_2.5.src",
"product": {
"name": "unbound-0:1.16.2-3.el9_2.5.src",
"product_id": "unbound-0:1.16.2-3.el9_2.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-3.el9_2.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-3.el9_2.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.aarch64"
},
"product_reference": "python3-unbound-0:1.16.2-3.el9_2.5.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-3.el9_2.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.ppc64le"
},
"product_reference": "python3-unbound-0:1.16.2-3.el9_2.5.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-3.el9_2.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.s390x"
},
"product_reference": "python3-unbound-0:1.16.2-3.el9_2.5.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-3.el9_2.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.x86_64"
},
"product_reference": "python3-unbound-0:1.16.2-3.el9_2.5.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-3.el9_2.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.aarch64"
},
"product_reference": "unbound-0:1.16.2-3.el9_2.5.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-3.el9_2.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.ppc64le"
},
"product_reference": "unbound-0:1.16.2-3.el9_2.5.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-3.el9_2.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.s390x"
},
"product_reference": "unbound-0:1.16.2-3.el9_2.5.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-3.el9_2.5.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.src"
},
"product_reference": "unbound-0:1.16.2-3.el9_2.5.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-3.el9_2.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.x86_64"
},
"product_reference": "unbound-0:1.16.2-3.el9_2.5.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.i686"
},
"product_reference": "unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x"
},
"product_reference": "unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64"
},
"product_reference": "unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.i686"
},
"product_reference": "unbound-debugsource-0:1.16.2-3.el9_2.5.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.s390x"
},
"product_reference": "unbound-debugsource-0:1.16.2-3.el9_2.5.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64"
},
"product_reference": "unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.aarch64"
},
"product_reference": "unbound-libs-0:1.16.2-3.el9_2.5.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.i686"
},
"product_reference": "unbound-libs-0:1.16.2-3.el9_2.5.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.ppc64le"
},
"product_reference": "unbound-libs-0:1.16.2-3.el9_2.5.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.s390x"
},
"product_reference": "unbound-libs-0:1.16.2-3.el9_2.5.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-3.el9_2.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.x86_64"
},
"product_reference": "unbound-libs-0:1.16.2-3.el9_2.5.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.src",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-04T15:19:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.src",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12523"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.src",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:python3-unbound-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.src",
"AppStream-9.2.0.Z.E4S:unbound-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-debuginfo-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-debugsource-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-libs-0:1.16.2-3.el9_2.5.x86_64",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.aarch64",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.i686",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.ppc64le",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.s390x",
"AppStream-9.2.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-3.el9_2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:13575
Vulnerability from csaf_redhat - Published: 2025-08-11 07:37 - Updated: 2025-11-21 19:22Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:13575",
"url": "https://access.redhat.com/errata/RHSA-2025:13575"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13575.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:22:46+00:00",
"generator": {
"date": "2025-11-21T19:22:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:13575",
"initial_release_date": "2025-08-11T07:37:35+00:00",
"revision_history": [
{
"date": "2025-08-11T07:37:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-09-22T12:06:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:22:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"product": {
"name": "python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"product_id": "python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.7.3-15.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.7.3-15.el8_4.2.x86_64",
"product": {
"name": "unbound-0:1.7.3-15.el8_4.2.x86_64",
"product_id": "unbound-0:1.7.3-15.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-15.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"product": {
"name": "unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"product_id": "unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-15.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"product": {
"name": "unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"product_id": "unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-15.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"product": {
"name": "unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"product_id": "unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-15.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-15.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product_id": "unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-15.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-15.el8_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-15.el8_4.2.i686",
"product": {
"name": "unbound-devel-0:1.7.3-15.el8_4.2.i686",
"product_id": "unbound-devel-0:1.7.3-15.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-15.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-15.el8_4.2.i686",
"product": {
"name": "unbound-libs-0:1.7.3-15.el8_4.2.i686",
"product_id": "unbound-libs-0:1.7.3-15.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-15.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"product": {
"name": "unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"product_id": "unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-15.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product_id": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-15.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product": {
"name": "unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product_id": "unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-15.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product_id": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-15.el8_4.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.7.3-15.el8_4.2.src",
"product": {
"name": "unbound-0:1.7.3-15.el8_4.2.src",
"product_id": "unbound-0:1.7.3-15.el8_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-15.el8_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:python3-unbound-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-15.el8_4.2.src as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.src"
},
"product_reference": "unbound-0:1.7.3-15.el8_4.2.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-devel-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-libs-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-15.el8_4.2.src as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.src"
},
"product_reference": "unbound-0:1.7.3-15.el8_4.2.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-devel-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-libs-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.src",
"AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-11T07:37:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.src",
"AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13575"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.src",
"AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.src",
"AppStream-8.4.0.Z.AUS:unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debuginfo-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-debugsource-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-devel-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-0:1.7.3-15.el8_4.2.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:unbound-libs-debuginfo-0:1.7.3-15.el8_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:13576
Vulnerability from csaf_redhat - Published: 2025-08-11 07:35 - Updated: 2025-11-21 19:22Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:13576",
"url": "https://access.redhat.com/errata/RHSA-2025:13576"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13576.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:22:46+00:00",
"generator": {
"date": "2025-11-21T19:22:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:13576",
"initial_release_date": "2025-08-11T07:35:50+00:00",
"revision_history": [
{
"date": "2025-08-11T07:35:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-09-22T12:22:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:22:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.7.3-12.el8_2.2.x86_64",
"product": {
"name": "python3-unbound-0:1.7.3-12.el8_2.2.x86_64",
"product_id": "python3-unbound-0:1.7.3-12.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.7.3-12.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.7.3-12.el8_2.2.x86_64",
"product": {
"name": "unbound-0:1.7.3-12.el8_2.2.x86_64",
"product_id": "unbound-0:1.7.3-12.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-12.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-12.el8_2.2.x86_64",
"product": {
"name": "unbound-devel-0:1.7.3-12.el8_2.2.x86_64",
"product_id": "unbound-devel-0:1.7.3-12.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-12.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-12.el8_2.2.x86_64",
"product": {
"name": "unbound-libs-0:1.7.3-12.el8_2.2.x86_64",
"product_id": "unbound-libs-0:1.7.3-12.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-12.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64",
"product": {
"name": "unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64",
"product_id": "unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-12.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-12.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product_id": "unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-12.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-12.el8_2.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-12.el8_2.2.i686",
"product": {
"name": "unbound-devel-0:1.7.3-12.el8_2.2.i686",
"product_id": "unbound-devel-0:1.7.3-12.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-12.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-12.el8_2.2.i686",
"product": {
"name": "unbound-libs-0:1.7.3-12.el8_2.2.i686",
"product_id": "unbound-libs-0:1.7.3-12.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-12.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-12.el8_2.2.i686",
"product": {
"name": "unbound-debugsource-0:1.7.3-12.el8_2.2.i686",
"product_id": "unbound-debugsource-0:1.7.3-12.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-12.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product_id": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-12.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product": {
"name": "unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product_id": "unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-12.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product_id": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-12.el8_2.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.7.3-12.el8_2.2.src",
"product": {
"name": "unbound-0:1.7.3-12.el8_2.2.src",
"product_id": "unbound-0:1.7.3-12.el8_2.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-12.el8_2.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-12.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:python3-unbound-0:1.7.3-12.el8_2.2.x86_64"
},
"product_reference": "python3-unbound-0:1.7.3-12.el8_2.2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-12.el8_2.2.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.src"
},
"product_reference": "unbound-0:1.7.3-12.el8_2.2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-12.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.x86_64"
},
"product_reference": "unbound-0:1.7.3-12.el8_2.2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-12.el8_2.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.i686"
},
"product_reference": "unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-12.el8_2.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.i686"
},
"product_reference": "unbound-debugsource-0:1.7.3-12.el8_2.2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64"
},
"product_reference": "unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-12.el8_2.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.i686"
},
"product_reference": "unbound-devel-0:1.7.3-12.el8_2.2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-12.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.x86_64"
},
"product_reference": "unbound-devel-0:1.7.3-12.el8_2.2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-12.el8_2.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.i686"
},
"product_reference": "unbound-libs-0:1.7.3-12.el8_2.2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-12.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.x86_64"
},
"product_reference": "unbound-libs-0:1.7.3-12.el8_2.2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:python3-unbound-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.src",
"AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-11T07:35:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:python3-unbound-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.src",
"AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13576"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:python3-unbound-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.src",
"AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:python3-unbound-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.src",
"AppStream-8.2.0.Z.AUS:unbound-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-debuginfo-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-debugsource-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-devel-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-libs-0:1.7.3-12.el8_2.2.x86_64",
"AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.i686",
"AppStream-8.2.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:18218
Vulnerability from csaf_redhat - Published: 2025-10-22 05:09 - Updated: 2025-12-03 09:29Summary
Red Hat Security Advisory: OpenShift Container Platform 4.17.42 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.17.42 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container
Platform 4.17.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.17.42. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/155270
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/
Security Fix(es):
* libarchive: Double free at archive_read_format_rar_seek_data() in
archive_read_support_format_rar.c (CVE-2025-5914)
* unbound: Unbound Cache poisoning (CVE-2025-5994)
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* podman: Podman kube play command may overwrite host files (CVE-2025-9566)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS)
(CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.17 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.17.42 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\n This release includes a security update for Red Hat OpenShift Container\nPlatform 4.17.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.17.42. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/155270\n\nSpace precludes documenting all of the container images in this advisory.\nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/\n\nSecurity Fix(es):\n\n* libarchive: Double free at archive_read_format_rar_seek_data() in\narchive_read_support_format_rar.c (CVE-2025-5914)\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n* podman: Podman kube play command may overwrite host files (CVE-2025-9566)\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS)\n(CVE-2025-49794)\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:18218",
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_18218.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.17.42 bug fix and security update",
"tracking": {
"current_release_date": "2025-12-03T09:29:35+00:00",
"generator": {
"date": "2025-12-03T09:29:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:18218",
"initial_release_date": "2025-10-22T05:09:35+00:00",
"revision_history": [
{
"date": "2025-10-22T05:09:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-22T05:09:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T09:29:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.17",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-417.94.202510112152-0",
"product": {
"name": "rhcos-aarch64-417.94.202510112152-0",
"product_id": "rhcos-aarch64-417.94.202510112152-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@417.94.202510112152?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-417.94.202510112152-0",
"product": {
"name": "rhcos-ppc64le-417.94.202510112152-0",
"product_id": "rhcos-ppc64le-417.94.202510112152-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@417.94.202510112152?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-417.94.202510112152-0",
"product": {
"name": "rhcos-s390x-417.94.202510112152-0",
"product_id": "rhcos-s390x-417.94.202510112152-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@417.94.202510112152?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-417.94.202510112152-0",
"product": {
"name": "rhcos-x86_64-417.94.202510112152-0",
"product_id": "rhcos-x86_64-417.94.202510112152-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@417.94.202510112152?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-417.94.202510112152-0 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0"
},
"product_reference": "rhcos-aarch64-417.94.202510112152-0",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-417.94.202510112152-0 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0"
},
"product_reference": "rhcos-ppc64le-417.94.202510112152-0",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-417.94.202510112152-0 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0"
},
"product_reference": "rhcos-s390x-417.94.202510112152-0",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-417.94.202510112152-0 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
},
"product_reference": "rhcos-x86_64-417.94.202510112152-0",
"relates_to_product_reference": "9Base-RHOSE-4.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T05:09:35+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T05:09:35+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T05:09:35+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Paul Holzinger"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-9566",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-04T15:45:46.448000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393152"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: Podman kube play command may overwrite host files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having the Important severity. This happens because of the consequences of an successful attack and the low complexity (AC:L) on exploiting this vulnerability. Although the attacker cannot control the content written to the target file, depending on which file was targeted, the exploitation of this flaw may lead sensitive data corruption (I:H) and leading the system to crash resulting in a Denial of Service attack (A:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "RHBZ#2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T05:09:35+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
},
{
"category": "workaround",
"details": "Red Hat advises to not run the podman kube play command with untrusted Kubernetes YAML file as input, additionally review the Kubernetes YAML file before running it through podman may help to catch maliciously crafted secretes or volumes that may be used to exploit this vulnerability.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "podman: Podman kube play command may overwrite host files"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T05:09:35+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T05:09:35+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.17:rhcos-aarch64-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-ppc64le-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-s390x-417.94.202510112152-0",
"9Base-RHOSE-4.17:rhcos-x86_64-417.94.202510112152-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
RHSA-2025:12520
Vulnerability from csaf_redhat - Published: 2025-08-04 15:19 - Updated: 2025-11-21 19:21Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12520",
"url": "https://access.redhat.com/errata/RHSA-2025:12520"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12520.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:21:34+00:00",
"generator": {
"date": "2025-11-21T19:21:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:12520",
"initial_release_date": "2025-08-04T15:19:32+00:00",
"revision_history": [
{
"date": "2025-08-04T15:19:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-04T15:19:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:21:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.13.1-13.el9_0.5.aarch64",
"product": {
"name": "python3-unbound-0:1.13.1-13.el9_0.5.aarch64",
"product_id": "python3-unbound-0:1.13.1-13.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.13.1-13.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.13.1-13.el9_0.5.aarch64",
"product": {
"name": "unbound-0:1.13.1-13.el9_0.5.aarch64",
"product_id": "unbound-0:1.13.1-13.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.13.1-13.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.13.1-13.el9_0.5.aarch64",
"product": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.aarch64",
"product_id": "unbound-libs-0:1.13.1-13.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.13.1-13.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64",
"product": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64",
"product_id": "unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.13.1-13.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product_id": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.13.1-13.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product_id": "unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.13.1-13.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product_id": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.13.1-13.el9_0.5?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.13.1-13.el9_0.5.ppc64le",
"product": {
"name": "python3-unbound-0:1.13.1-13.el9_0.5.ppc64le",
"product_id": "python3-unbound-0:1.13.1-13.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.13.1-13.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.13.1-13.el9_0.5.ppc64le",
"product": {
"name": "unbound-0:1.13.1-13.el9_0.5.ppc64le",
"product_id": "unbound-0:1.13.1-13.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.13.1-13.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.13.1-13.el9_0.5.ppc64le",
"product": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.ppc64le",
"product_id": "unbound-libs-0:1.13.1-13.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.13.1-13.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le",
"product": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le",
"product_id": "unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.13.1-13.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product_id": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.13.1-13.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product_id": "unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.13.1-13.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product_id": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.13.1-13.el9_0.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.13.1-13.el9_0.5.x86_64",
"product": {
"name": "python3-unbound-0:1.13.1-13.el9_0.5.x86_64",
"product_id": "python3-unbound-0:1.13.1-13.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.13.1-13.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.13.1-13.el9_0.5.x86_64",
"product": {
"name": "unbound-0:1.13.1-13.el9_0.5.x86_64",
"product_id": "unbound-0:1.13.1-13.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.13.1-13.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.13.1-13.el9_0.5.x86_64",
"product": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.x86_64",
"product_id": "unbound-libs-0:1.13.1-13.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.13.1-13.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64",
"product": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64",
"product_id": "unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.13.1-13.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.13.1-13.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product_id": "unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.13.1-13.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.13.1-13.el9_0.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-libs-0:1.13.1-13.el9_0.5.i686",
"product": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.i686",
"product_id": "unbound-libs-0:1.13.1-13.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.13.1-13.el9_0.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.i686",
"product": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.i686",
"product_id": "unbound-debugsource-0:1.13.1-13.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.13.1-13.el9_0.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product_id": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.13.1-13.el9_0.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product_id": "unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.13.1-13.el9_0.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product_id": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.13.1-13.el9_0.5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.13.1-13.el9_0.5.s390x",
"product": {
"name": "python3-unbound-0:1.13.1-13.el9_0.5.s390x",
"product_id": "python3-unbound-0:1.13.1-13.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.13.1-13.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.13.1-13.el9_0.5.s390x",
"product": {
"name": "unbound-0:1.13.1-13.el9_0.5.s390x",
"product_id": "unbound-0:1.13.1-13.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.13.1-13.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.13.1-13.el9_0.5.s390x",
"product": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.s390x",
"product_id": "unbound-libs-0:1.13.1-13.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.13.1-13.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.s390x",
"product": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.s390x",
"product_id": "unbound-debugsource-0:1.13.1-13.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.13.1-13.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product_id": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.13.1-13.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product_id": "unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.13.1-13.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product_id": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.13.1-13.el9_0.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.13.1-13.el9_0.5.src",
"product": {
"name": "unbound-0:1.13.1-13.el9_0.5.src",
"product_id": "unbound-0:1.13.1-13.el9_0.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.13.1-13.el9_0.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.13.1-13.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.aarch64"
},
"product_reference": "python3-unbound-0:1.13.1-13.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.13.1-13.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.ppc64le"
},
"product_reference": "python3-unbound-0:1.13.1-13.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.13.1-13.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.s390x"
},
"product_reference": "python3-unbound-0:1.13.1-13.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.13.1-13.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.x86_64"
},
"product_reference": "python3-unbound-0:1.13.1-13.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.13.1-13.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.aarch64"
},
"product_reference": "unbound-0:1.13.1-13.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.13.1-13.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.ppc64le"
},
"product_reference": "unbound-0:1.13.1-13.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.13.1-13.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.s390x"
},
"product_reference": "unbound-0:1.13.1-13.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.13.1-13.el9_0.5.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.src"
},
"product_reference": "unbound-0:1.13.1-13.el9_0.5.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.13.1-13.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.x86_64"
},
"product_reference": "unbound-0:1.13.1-13.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.i686"
},
"product_reference": "unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x"
},
"product_reference": "unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64"
},
"product_reference": "unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.i686"
},
"product_reference": "unbound-debugsource-0:1.13.1-13.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.s390x"
},
"product_reference": "unbound-debugsource-0:1.13.1-13.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64"
},
"product_reference": "unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.aarch64"
},
"product_reference": "unbound-libs-0:1.13.1-13.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.i686"
},
"product_reference": "unbound-libs-0:1.13.1-13.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.ppc64le"
},
"product_reference": "unbound-libs-0:1.13.1-13.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.s390x"
},
"product_reference": "unbound-libs-0:1.13.1-13.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.13.1-13.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.x86_64"
},
"product_reference": "unbound-libs-0:1.13.1-13.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-04T15:19:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12520"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-unbound-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:unbound-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-debuginfo-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-debugsource-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-libs-0:1.13.1-13.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:unbound-libs-debuginfo-0:1.13.1-13.el9_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:12929
Vulnerability from csaf_redhat - Published: 2025-08-05 08:17 - Updated: 2025-11-21 19:21Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12929",
"url": "https://access.redhat.com/errata/RHSA-2025:12929"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12929.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:21:56+00:00",
"generator": {
"date": "2025-11-21T19:21:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:12929",
"initial_release_date": "2025-08-05T08:17:28+00:00",
"revision_history": [
{
"date": "2025-08-05T08:17:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-05T08:17:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:21:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-5.el8_8.5.ppc64le",
"product": {
"name": "python3-unbound-0:1.16.2-5.el8_8.5.ppc64le",
"product_id": "python3-unbound-0:1.16.2-5.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-5.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-5.el8_8.5.ppc64le",
"product": {
"name": "unbound-0:1.16.2-5.el8_8.5.ppc64le",
"product_id": "unbound-0:1.16.2-5.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-5.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-5.el8_8.5.ppc64le",
"product": {
"name": "unbound-devel-0:1.16.2-5.el8_8.5.ppc64le",
"product_id": "unbound-devel-0:1.16.2-5.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-5.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-5.el8_8.5.ppc64le",
"product": {
"name": "unbound-libs-0:1.16.2-5.el8_8.5.ppc64le",
"product_id": "unbound-libs-0:1.16.2-5.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-5.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le",
"product": {
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le",
"product_id": "unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-5.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product_id": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-5.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product": {
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product_id": "unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-5.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product_id": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-5.el8_8.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"product": {
"name": "python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"product_id": "python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-5.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-5.el8_8.5.x86_64",
"product": {
"name": "unbound-0:1.16.2-5.el8_8.5.x86_64",
"product_id": "unbound-0:1.16.2-5.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-5.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"product": {
"name": "unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"product_id": "unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-5.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"product": {
"name": "unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"product_id": "unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-5.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"product": {
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"product_id": "unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-5.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-5.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product_id": "unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-5.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-5.el8_8.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-5.el8_8.5.i686",
"product": {
"name": "unbound-devel-0:1.16.2-5.el8_8.5.i686",
"product_id": "unbound-devel-0:1.16.2-5.el8_8.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-5.el8_8.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-5.el8_8.5.i686",
"product": {
"name": "unbound-libs-0:1.16.2-5.el8_8.5.i686",
"product_id": "unbound-libs-0:1.16.2-5.el8_8.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-5.el8_8.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"product": {
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"product_id": "unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-5.el8_8.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product_id": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-5.el8_8.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product": {
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product_id": "unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-5.el8_8.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product_id": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-5.el8_8.5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.16.2-5.el8_8.5.src",
"product": {
"name": "unbound-0:1.16.2-5.el8_8.5.src",
"product_id": "unbound-0:1.16.2-5.el8_8.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-5.el8_8.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-5.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.ppc64le"
},
"product_reference": "python3-unbound-0:1.16.2-5.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.ppc64le"
},
"product_reference": "unbound-0:1.16.2-5.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.el8_8.5.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.src"
},
"product_reference": "unbound-0:1.16.2-5.el8_8.5.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-devel-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.ppc64le"
},
"product_reference": "unbound-devel-0:1.16.2-5.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-libs-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.ppc64le"
},
"product_reference": "unbound-libs-0:1.16.2-5.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:python3-unbound-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.el8_8.5.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.src"
},
"product_reference": "unbound-0:1.16.2-5.el8_8.5.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-devel-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-libs-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.src",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.src",
"AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-05T08:17:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.src",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.src",
"AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12929"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.src",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.src",
"AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.src",
"AppStream-8.8.0.Z.E4S:unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.E4S:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:python3-unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:python3-unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.src",
"AppStream-8.8.0.Z.TUS:unbound-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-debuginfo-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-debugsource-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-devel-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-libs-0:1.16.2-5.el8_8.5.x86_64",
"AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.i686",
"AppStream-8.8.0.Z.TUS:unbound-libs-debuginfo-0:1.16.2-5.el8_8.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:19894
Vulnerability from csaf_redhat - Published: 2025-11-13 09:46 - Updated: 2025-12-03 09:29Summary
Red Hat Security Advisory: OpenShift Container Platform 4.12.82 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.12.82 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.12.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes
Security Fix(es):
None
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.12.82 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.12.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nSecurity Fix(es):\n\nNone\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19894",
"url": "https://access.redhat.com/errata/RHSA-2025:19894"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "2392595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392595"
},
{
"category": "external",
"summary": "2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19894.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.12.82 bug fix and security update",
"tracking": {
"current_release_date": "2025-12-03T09:29:38+00:00",
"generator": {
"date": "2025-12-03T09:29:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:19894",
"initial_release_date": "2025-11-13T09:46:03+00:00",
"revision_history": [
{
"date": "2025-11-13T09:46:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-14T20:18:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T09:29:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-412.86.202510291903-0",
"product": {
"name": "rhcos-x86_64-412.86.202510291903-0",
"product_id": "rhcos-x86_64-412.86.202510291903-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@412.86.202510291903?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-412.86.202510291903-0 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
},
"product_reference": "rhcos-x86_64-412.86.202510291903-0",
"relates_to_product_reference": "8Base-RHOSE-4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-13T09:46:03+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d26fd3fd30ac6ae13f2779045d4e2defbf77aa24db5393d91df19488fd42504d\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19894"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-13T09:46:03+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d26fd3fd30ac6ae13f2779045d4e2defbf77aa24db5393d91df19488fd42504d\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19894"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Paul Holzinger"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-9566",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-04T15:45:46.448000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393152"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: Podman kube play command may overwrite host files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having the Important severity. This happens because of the consequences of an successful attack and the low complexity (AC:L) on exploiting this vulnerability. Although the attacker cannot control the content written to the target file, depending on which file was targeted, the exploitation of this flaw may lead sensitive data corruption (I:H) and leading the system to crash resulting in a Denial of Service attack (A:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "RHBZ#2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-13T09:46:03+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d26fd3fd30ac6ae13f2779045d4e2defbf77aa24db5393d91df19488fd42504d\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19894"
},
{
"category": "workaround",
"details": "Red Hat advises to not run the podman kube play command with untrusted Kubernetes YAML file as input, additionally review the Kubernetes YAML file before running it through podman may help to catch maliciously crafted secretes or volumes that may be used to exploit this vulnerability.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "podman: Podman kube play command may overwrite host files"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-13T09:46:03+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d26fd3fd30ac6ae13f2779045d4e2defbf77aa24db5393d91df19488fd42504d\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19894"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-13T09:46:03+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d26fd3fd30ac6ae13f2779045d4e2defbf77aa24db5393d91df19488fd42504d\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19894"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Hristo Venev"
]
}
],
"cve": "CVE-2025-58060",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2025-09-02T12:06:54.304000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize() function, the password is not checked. This vulnerability allows attackers to bypass authentication entirely, resulting in unauthorized access to administrative functions and system configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cups: Authentication Bypass in CUPS Authorization Handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Important, given that it enables complete authentication bypass. Exploitation requires no valid credentials and can be performed remotely in some configurations. Attackers could gain administrative privileges in CUPS, modify critical configuration files, or potentially escalate their access further depending on the system environment. The root cause is a missing authentication check when the AuthType is set to values other than Basic but a Basic authorization header is supplied.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58060"
},
{
"category": "external",
"summary": "RHBZ#2392595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58060"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58060",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58060"
}
],
"release_date": "2025-09-11T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-13T09:46:03+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d26fd3fd30ac6ae13f2779045d4e2defbf77aa24db5393d91df19488fd42504d\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19894"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability. It is strongly advised to apply vendor-supplied patches as soon as they are released to address this authentication bypass vulnerability.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:rhcos-x86_64-412.86.202510291903-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cups: Authentication Bypass in CUPS Authorization Handling"
}
]
}
RHSA-2025:11884
Vulnerability from csaf_redhat - Published: 2025-07-28 10:47 - Updated: 2025-11-21 19:20Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:11884",
"url": "https://access.redhat.com/errata/RHSA-2025:11884"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_11884.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:20:59+00:00",
"generator": {
"date": "2025-11-21T19:20:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:11884",
"initial_release_date": "2025-07-28T10:47:26+00:00",
"revision_history": [
{
"date": "2025-07-28T10:47:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-28T10:47:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:20:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-5.9.el8_10.aarch64",
"product": {
"name": "python3-unbound-0:1.16.2-5.9.el8_10.aarch64",
"product_id": "python3-unbound-0:1.16.2-5.9.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-5.9.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-5.9.el8_10.aarch64",
"product": {
"name": "unbound-0:1.16.2-5.9.el8_10.aarch64",
"product_id": "unbound-0:1.16.2-5.9.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-5.9.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-5.9.el8_10.aarch64",
"product": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.aarch64",
"product_id": "unbound-devel-0:1.16.2-5.9.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-5.9.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-5.9.el8_10.aarch64",
"product": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.aarch64",
"product_id": "unbound-libs-0:1.16.2-5.9.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-5.9.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64",
"product": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64",
"product_id": "unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-5.9.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-5.9.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product_id": "unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-5.9.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-5.9.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-5.9.el8_10.ppc64le",
"product": {
"name": "python3-unbound-0:1.16.2-5.9.el8_10.ppc64le",
"product_id": "python3-unbound-0:1.16.2-5.9.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-5.9.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-5.9.el8_10.ppc64le",
"product": {
"name": "unbound-0:1.16.2-5.9.el8_10.ppc64le",
"product_id": "unbound-0:1.16.2-5.9.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-5.9.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-5.9.el8_10.ppc64le",
"product": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.ppc64le",
"product_id": "unbound-devel-0:1.16.2-5.9.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-5.9.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-5.9.el8_10.ppc64le",
"product": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.ppc64le",
"product_id": "unbound-libs-0:1.16.2-5.9.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-5.9.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le",
"product": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le",
"product_id": "unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-5.9.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product_id": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-5.9.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product_id": "unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-5.9.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product_id": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-5.9.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-5.9.el8_10.x86_64",
"product": {
"name": "python3-unbound-0:1.16.2-5.9.el8_10.x86_64",
"product_id": "python3-unbound-0:1.16.2-5.9.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-5.9.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-5.9.el8_10.x86_64",
"product": {
"name": "unbound-0:1.16.2-5.9.el8_10.x86_64",
"product_id": "unbound-0:1.16.2-5.9.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-5.9.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-5.9.el8_10.x86_64",
"product": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.x86_64",
"product_id": "unbound-devel-0:1.16.2-5.9.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-5.9.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-5.9.el8_10.x86_64",
"product": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.x86_64",
"product_id": "unbound-libs-0:1.16.2-5.9.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-5.9.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64",
"product": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64",
"product_id": "unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-5.9.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-5.9.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product_id": "unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-5.9.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-5.9.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-5.9.el8_10.i686",
"product": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.i686",
"product_id": "unbound-devel-0:1.16.2-5.9.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-5.9.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-5.9.el8_10.i686",
"product": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.i686",
"product_id": "unbound-libs-0:1.16.2-5.9.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-5.9.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.i686",
"product": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.i686",
"product_id": "unbound-debugsource-0:1.16.2-5.9.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-5.9.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product_id": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-5.9.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product_id": "unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-5.9.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product_id": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-5.9.el8_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-5.9.el8_10.s390x",
"product": {
"name": "python3-unbound-0:1.16.2-5.9.el8_10.s390x",
"product_id": "python3-unbound-0:1.16.2-5.9.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-5.9.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-5.9.el8_10.s390x",
"product": {
"name": "unbound-0:1.16.2-5.9.el8_10.s390x",
"product_id": "unbound-0:1.16.2-5.9.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-5.9.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-5.9.el8_10.s390x",
"product": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.s390x",
"product_id": "unbound-devel-0:1.16.2-5.9.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-5.9.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-5.9.el8_10.s390x",
"product": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.s390x",
"product_id": "unbound-libs-0:1.16.2-5.9.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-5.9.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.s390x",
"product": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.s390x",
"product_id": "unbound-debugsource-0:1.16.2-5.9.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-5.9.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product_id": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-5.9.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product_id": "unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-5.9.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product_id": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-5.9.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.16.2-5.9.el8_10.src",
"product": {
"name": "unbound-0:1.16.2-5.9.el8_10.src",
"product_id": "unbound-0:1.16.2-5.9.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-5.9.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-5.9.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.aarch64"
},
"product_reference": "python3-unbound-0:1.16.2-5.9.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-5.9.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.ppc64le"
},
"product_reference": "python3-unbound-0:1.16.2-5.9.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-5.9.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.s390x"
},
"product_reference": "python3-unbound-0:1.16.2-5.9.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-5.9.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.x86_64"
},
"product_reference": "python3-unbound-0:1.16.2-5.9.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.9.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.aarch64"
},
"product_reference": "unbound-0:1.16.2-5.9.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.9.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.ppc64le"
},
"product_reference": "unbound-0:1.16.2-5.9.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.9.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.s390x"
},
"product_reference": "unbound-0:1.16.2-5.9.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.9.el8_10.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.src"
},
"product_reference": "unbound-0:1.16.2-5.9.el8_10.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-5.9.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.x86_64"
},
"product_reference": "unbound-0:1.16.2-5.9.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.i686"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.i686"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.9.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.s390x"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.9.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64"
},
"product_reference": "unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.aarch64"
},
"product_reference": "unbound-devel-0:1.16.2-5.9.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.i686"
},
"product_reference": "unbound-devel-0:1.16.2-5.9.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.ppc64le"
},
"product_reference": "unbound-devel-0:1.16.2-5.9.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.s390x"
},
"product_reference": "unbound-devel-0:1.16.2-5.9.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-5.9.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.x86_64"
},
"product_reference": "unbound-devel-0:1.16.2-5.9.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.aarch64"
},
"product_reference": "unbound-libs-0:1.16.2-5.9.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.i686"
},
"product_reference": "unbound-libs-0:1.16.2-5.9.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.ppc64le"
},
"product_reference": "unbound-libs-0:1.16.2-5.9.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.s390x"
},
"product_reference": "unbound-libs-0:1.16.2-5.9.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-5.9.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.x86_64"
},
"product_reference": "unbound-libs-0:1.16.2-5.9.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-28T10:47:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11884"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debuginfo-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-debugsource-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-devel-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-0:1.16.2-5.9.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:unbound-libs-debuginfo-0:1.16.2-5.9.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:19046
Vulnerability from csaf_redhat - Published: 2025-10-29 09:26 - Updated: 2025-12-03 09:29Summary
Red Hat Security Advisory: OpenShift Container Platform 4.18.27 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.18.27 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.18.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.18.27. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/155476
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/
Security Fix(es):
* libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914)
* unbound: Unbound Cache poisoning (CVE-2025-5994)
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* podman: Podman kube play command may overwrite host files (CVE-2025-9566)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.18.27 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.18.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.18.27. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/155476\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/\n\nSecurity Fix(es):\n\n* libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914)\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n* podman: Podman kube play command may overwrite host files (CVE-2025-9566)\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19046",
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "external",
"summary": "OCPBUGS-62810",
"url": "https://issues.redhat.com/browse/OCPBUGS-62810"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19046.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.18.27 bug fix and security update",
"tracking": {
"current_release_date": "2025-12-03T09:29:38+00:00",
"generator": {
"date": "2025-12-03T09:29:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:19046",
"initial_release_date": "2025-10-29T09:26:54+00:00",
"revision_history": [
{
"date": "2025-10-29T09:26:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-29T09:26:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T09:29:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.18",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-4.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-418.94.202510230424-0",
"product": {
"name": "rhcos-aarch64-418.94.202510230424-0",
"product_id": "rhcos-aarch64-418.94.202510230424-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@418.94.202510230424?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-418.94.202510230424-0",
"product": {
"name": "rhcos-ppc64le-418.94.202510230424-0",
"product_id": "rhcos-ppc64le-418.94.202510230424-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@418.94.202510230424?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-418.94.202510230424-0",
"product": {
"name": "rhcos-s390x-418.94.202510230424-0",
"product_id": "rhcos-s390x-418.94.202510230424-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@418.94.202510230424?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-418.94.202510230424-0",
"product": {
"name": "rhcos-x86_64-418.94.202510230424-0",
"product_id": "rhcos-x86_64-418.94.202510230424-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@418.94.202510230424?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-418.94.202510230424-0 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0"
},
"product_reference": "rhcos-aarch64-418.94.202510230424-0",
"relates_to_product_reference": "9Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-418.94.202510230424-0 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0"
},
"product_reference": "rhcos-ppc64le-418.94.202510230424-0",
"relates_to_product_reference": "9Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-418.94.202510230424-0 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0"
},
"product_reference": "rhcos-s390x-418.94.202510230424-0",
"relates_to_product_reference": "9Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-418.94.202510230424-0 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
},
"product_reference": "rhcos-x86_64-418.94.202510230424-0",
"relates_to_product_reference": "9Base-RHOSE-4.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-29T09:26:54+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-29T09:26:54+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-29T09:26:54+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Paul Holzinger"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-9566",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-04T15:45:46.448000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393152"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: Podman kube play command may overwrite host files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having the Important severity. This happens because of the consequences of an successful attack and the low complexity (AC:L) on exploiting this vulnerability. Although the attacker cannot control the content written to the target file, depending on which file was targeted, the exploitation of this flaw may lead sensitive data corruption (I:H) and leading the system to crash resulting in a Denial of Service attack (A:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "RHBZ#2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-29T09:26:54+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
},
{
"category": "workaround",
"details": "Red Hat advises to not run the podman kube play command with untrusted Kubernetes YAML file as input, additionally review the Kubernetes YAML file before running it through podman may help to catch maliciously crafted secretes or volumes that may be used to exploit this vulnerability.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "podman: Podman kube play command may overwrite host files"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-29T09:26:54+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-29T09:26:54+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.18 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.18:rhcos-aarch64-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-ppc64le-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-s390x-418.94.202510230424-0",
"9Base-RHOSE-4.18:rhcos-x86_64-418.94.202510230424-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
RHSA-2025:18240
Vulnerability from csaf_redhat - Published: 2025-10-23 17:46 - Updated: 2025-12-03 09:29Summary
Red Hat Security Advisory: OpenShift Container Platform 4.13.61 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.13.61 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.13.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.61. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/155272
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes
Security Fix(es):
None
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.13.61 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.13.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.13.61. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/155272\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes\n\nSecurity Fix(es):\n\nNone\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:18240",
"url": "https://access.redhat.com/errata/RHSA-2025:18240"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_18240.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.13.61 bug fix and security update",
"tracking": {
"current_release_date": "2025-12-03T09:29:36+00:00",
"generator": {
"date": "2025-12-03T09:29:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:18240",
"initial_release_date": "2025-10-23T17:46:13+00:00",
"revision_history": [
{
"date": "2025-10-23T17:46:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T17:46:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T09:29:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.13",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.13::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-413.92.202510150118-0",
"product": {
"name": "rhcos-x86_64-413.92.202510150118-0",
"product_id": "rhcos-x86_64-413.92.202510150118-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@413.92.202510150118?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-413.92.202510150118-0 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
},
"product_reference": "rhcos-x86_64-413.92.202510150118-0",
"relates_to_product_reference": "9Base-RHOSE-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T17:46:13+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x86_64_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18240"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T17:46:13+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x86_64_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18240"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Paul Holzinger"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-9566",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-04T15:45:46.448000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393152"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: Podman kube play command may overwrite host files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having the Important severity. This happens because of the consequences of an successful attack and the low complexity (AC:L) on exploiting this vulnerability. Although the attacker cannot control the content written to the target file, depending on which file was targeted, the exploitation of this flaw may lead sensitive data corruption (I:H) and leading the system to crash resulting in a Denial of Service attack (A:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "RHBZ#2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T17:46:13+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x86_64_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18240"
},
{
"category": "workaround",
"details": "Red Hat advises to not run the podman kube play command with untrusted Kubernetes YAML file as input, additionally review the Kubernetes YAML file before running it through podman may help to catch maliciously crafted secretes or volumes that may be used to exploit this vulnerability.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "podman: Podman kube play command may overwrite host files"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T17:46:13+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x86_64_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18240"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T17:46:13+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x86_64_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18240"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.13:rhcos-x86_64-413.92.202510150118-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
RHSA-2025:18217
Vulnerability from csaf_redhat - Published: 2025-10-22 06:20 - Updated: 2025-12-03 09:29Summary
Red Hat Security Advisory: OpenShift Container Platform 4.19.17 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.19.17 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.19.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.19.17. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/155269
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/release_notes/
Security Fix(es):
* libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914)
* unbound: Unbound Cache poisoning (CVE-2025-5994)
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* podman: Podman kube play command may overwrite host files (CVE-2025-9566)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.19.17 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.19.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.19.17. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/155269\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/release_notes/\n\nSecurity Fix(es):\n\n* libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914)\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n* podman: Podman kube play command may overwrite host files (CVE-2025-9566)\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:18217",
"url": "https://access.redhat.com/errata/RHSA-2025:18217"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_18217.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.19.17 bug fix and security update",
"tracking": {
"current_release_date": "2025-12-03T09:29:35+00:00",
"generator": {
"date": "2025-12-03T09:29:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:18217",
"initial_release_date": "2025-10-22T06:20:41+00:00",
"revision_history": [
{
"date": "2025-10-22T06:20:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-22T06:20:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T09:29:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.19",
"product": {
"name": "Red Hat OpenShift Container Platform 4.19",
"product_id": "9Base-RHOSE-4.19",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.19::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-4.19.9.6.202510140714-0",
"product": {
"name": "rhcos-aarch64-4.19.9.6.202510140714-0",
"product_id": "rhcos-aarch64-4.19.9.6.202510140714-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@4.19.9.6.202510140714?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-4.19.9.6.202510140714-0",
"product": {
"name": "rhcos-ppc64le-4.19.9.6.202510140714-0",
"product_id": "rhcos-ppc64le-4.19.9.6.202510140714-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@4.19.9.6.202510140714?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-4.19.9.6.202510140714-0",
"product": {
"name": "rhcos-s390x-4.19.9.6.202510140714-0",
"product_id": "rhcos-s390x-4.19.9.6.202510140714-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@4.19.9.6.202510140714?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-4.19.9.6.202510140714-0",
"product": {
"name": "rhcos-x86_64-4.19.9.6.202510140714-0",
"product_id": "rhcos-x86_64-4.19.9.6.202510140714-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@4.19.9.6.202510140714?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-4.19.9.6.202510140714-0 as a component of Red Hat OpenShift Container Platform 4.19",
"product_id": "9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0"
},
"product_reference": "rhcos-aarch64-4.19.9.6.202510140714-0",
"relates_to_product_reference": "9Base-RHOSE-4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-4.19.9.6.202510140714-0 as a component of Red Hat OpenShift Container Platform 4.19",
"product_id": "9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0"
},
"product_reference": "rhcos-ppc64le-4.19.9.6.202510140714-0",
"relates_to_product_reference": "9Base-RHOSE-4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-4.19.9.6.202510140714-0 as a component of Red Hat OpenShift Container Platform 4.19",
"product_id": "9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0"
},
"product_reference": "rhcos-s390x-4.19.9.6.202510140714-0",
"relates_to_product_reference": "9Base-RHOSE-4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-4.19.9.6.202510140714-0 as a component of Red Hat OpenShift Container Platform 4.19",
"product_id": "9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
},
"product_reference": "rhcos-x86_64-4.19.9.6.202510140714-0",
"relates_to_product_reference": "9Base-RHOSE-4.19"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T06:20:41+00:00",
"details": "For OpenShift Container Platform 4.19 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T06:20:41+00:00",
"details": "For OpenShift Container Platform 4.19 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T06:20:41+00:00",
"details": "For OpenShift Container Platform 4.19 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Paul Holzinger"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-9566",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-04T15:45:46.448000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393152"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: Podman kube play command may overwrite host files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having the Important severity. This happens because of the consequences of an successful attack and the low complexity (AC:L) on exploiting this vulnerability. Although the attacker cannot control the content written to the target file, depending on which file was targeted, the exploitation of this flaw may lead sensitive data corruption (I:H) and leading the system to crash resulting in a Denial of Service attack (A:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "RHBZ#2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T06:20:41+00:00",
"details": "For OpenShift Container Platform 4.19 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18217"
},
{
"category": "workaround",
"details": "Red Hat advises to not run the podman kube play command with untrusted Kubernetes YAML file as input, additionally review the Kubernetes YAML file before running it through podman may help to catch maliciously crafted secretes or volumes that may be used to exploit this vulnerability.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "podman: Podman kube play command may overwrite host files"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T06:20:41+00:00",
"details": "For OpenShift Container Platform 4.19 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18217"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-22T06:20:41+00:00",
"details": "For OpenShift Container Platform 4.19 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.19 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18217"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.19:rhcos-aarch64-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-ppc64le-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-s390x-4.19.9.6.202510140714-0",
"9Base-RHOSE-4.19:rhcos-x86_64-4.19.9.6.202510140714-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
RHSA-2025:19041
Vulnerability from csaf_redhat - Published: 2025-10-30 05:41 - Updated: 2025-12-03 09:29Summary
Red Hat Security Advisory: OpenShift Container Platform 4.14.58 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.14.58 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container
Platform 4.14.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.14.58. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/155474
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/release_notes/
Security Fix(es):
* libarchive: Double free at archive_read_format_rar_seek_data() in
archive_read_support_format_rar.c (CVE-2025-5914)
* unbound: Unbound Cache poisoning (CVE-2025-5994)
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* podman: Podman kube play command may overwrite host files (CVE-2025-9566)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS)
(CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.14 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html-single/updating_clusters/index#updating-cluster-cli.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.14.58 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\n This release includes a security update for Red Hat OpenShift Container\nPlatform 4.14.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.14.58. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/155474\n\nSpace precludes documenting all of the container images in this advisory.\nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/release_notes/\n\nSecurity Fix(es):\n\n* libarchive: Double free at archive_read_format_rar_seek_data() in\narchive_read_support_format_rar.c (CVE-2025-5914)\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n* podman: Podman kube play command may overwrite host files (CVE-2025-9566)\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS)\n(CVE-2025-49794)\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19041",
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19041.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.14.58 bug fix and security update",
"tracking": {
"current_release_date": "2025-12-03T09:29:37+00:00",
"generator": {
"date": "2025-12-03T09:29:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:19041",
"initial_release_date": "2025-10-30T05:41:47+00:00",
"revision_history": [
{
"date": "2025-10-30T05:41:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-30T05:41:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T09:29:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.14",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-414.92.202510211419-0",
"product": {
"name": "rhcos-aarch64-414.92.202510211419-0",
"product_id": "rhcos-aarch64-414.92.202510211419-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@414.92.202510211419?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-414.92.202510211419-0",
"product": {
"name": "rhcos-ppc64le-414.92.202510211419-0",
"product_id": "rhcos-ppc64le-414.92.202510211419-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@414.92.202510211419?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-414.92.202510211419-0",
"product": {
"name": "rhcos-s390x-414.92.202510211419-0",
"product_id": "rhcos-s390x-414.92.202510211419-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@414.92.202510211419?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-414.92.202510211419-0",
"product": {
"name": "rhcos-x86_64-414.92.202510211419-0",
"product_id": "rhcos-x86_64-414.92.202510211419-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@414.92.202510211419?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-414.92.202510211419-0 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0"
},
"product_reference": "rhcos-aarch64-414.92.202510211419-0",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-414.92.202510211419-0 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0"
},
"product_reference": "rhcos-ppc64le-414.92.202510211419-0",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-414.92.202510211419-0 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0"
},
"product_reference": "rhcos-s390x-414.92.202510211419-0",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-414.92.202510211419-0 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
},
"product_reference": "rhcos-x86_64-414.92.202510211419-0",
"relates_to_product_reference": "9Base-RHOSE-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-30T05:41:47+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-30T05:41:47+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-30T05:41:47+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Paul Holzinger"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-9566",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-04T15:45:46.448000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393152"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: Podman kube play command may overwrite host files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having the Important severity. This happens because of the consequences of an successful attack and the low complexity (AC:L) on exploiting this vulnerability. Although the attacker cannot control the content written to the target file, depending on which file was targeted, the exploitation of this flaw may lead sensitive data corruption (I:H) and leading the system to crash resulting in a Denial of Service attack (A:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "RHBZ#2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-30T05:41:47+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
},
{
"category": "workaround",
"details": "Red Hat advises to not run the podman kube play command with untrusted Kubernetes YAML file as input, additionally review the Kubernetes YAML file before running it through podman may help to catch maliciously crafted secretes or volumes that may be used to exploit this vulnerability.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "podman: Podman kube play command may overwrite host files"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-30T05:41:47+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-30T05:41:47+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is {x864_DIGEST}\n\n (For s390x architecture)\n The image digest is {s390x_DIGEST}\n\n (For ppc64le architecture)\n The image digest is {ppc64le_DIGEST}\n\n (For aarch64 architecture)\n The image digest is {aarch64_DIGEST}\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.14:rhcos-aarch64-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-ppc64le-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-s390x-414.92.202510211419-0",
"9Base-RHOSE-4.14:rhcos-x86_64-414.92.202510211419-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
RHSA-2025:12416
Vulnerability from csaf_redhat - Published: 2025-07-31 14:23 - Updated: 2025-11-21 19:21Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12416",
"url": "https://access.redhat.com/errata/RHSA-2025:12416"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12416.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:21:30+00:00",
"generator": {
"date": "2025-11-21T19:21:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:12416",
"initial_release_date": "2025-07-31T14:23:30+00:00",
"revision_history": [
{
"date": "2025-07-31T14:23:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-31T14:23:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:21:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product": {
"name": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"product": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"product_id": "python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-8.el9_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-8.el9_4.2.aarch64",
"product": {
"name": "unbound-0:1.16.2-8.el9_4.2.aarch64",
"product_id": "unbound-0:1.16.2-8.el9_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-8.el9_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"product": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"product_id": "unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-8.el9_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"product": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"product_id": "unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-8.el9_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-8.el9_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product_id": "unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-8.el9_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-8.el9_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"product": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"product_id": "unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-8.el9_4.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"product": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"product_id": "python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-8.el9_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-8.el9_4.2.ppc64le",
"product": {
"name": "unbound-0:1.16.2-8.el9_4.2.ppc64le",
"product_id": "unbound-0:1.16.2-8.el9_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-8.el9_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"product": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"product_id": "unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-8.el9_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"product": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"product_id": "unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-8.el9_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product_id": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-8.el9_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product_id": "unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-8.el9_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product_id": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-8.el9_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"product": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"product_id": "unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-8.el9_4.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"product": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"product_id": "python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-8.el9_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-8.el9_4.2.x86_64",
"product": {
"name": "unbound-0:1.16.2-8.el9_4.2.x86_64",
"product_id": "unbound-0:1.16.2-8.el9_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-8.el9_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"product": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"product_id": "unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-8.el9_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"product": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"product_id": "unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-8.el9_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-8.el9_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product_id": "unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-8.el9_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-8.el9_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"product": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"product_id": "unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-8.el9_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-8.el9_4.2.i686",
"product": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.i686",
"product_id": "unbound-libs-0:1.16.2-8.el9_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-8.el9_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"product": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"product_id": "unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-8.el9_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product_id": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-8.el9_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product_id": "unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-8.el9_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product_id": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-8.el9_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-8.el9_4.2.i686",
"product": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.i686",
"product_id": "unbound-devel-0:1.16.2-8.el9_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-8.el9_4.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"product": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"product_id": "python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.16.2-8.el9_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.16.2-8.el9_4.2.s390x",
"product": {
"name": "unbound-0:1.16.2-8.el9_4.2.s390x",
"product_id": "unbound-0:1.16.2-8.el9_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-8.el9_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"product": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"product_id": "unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.16.2-8.el9_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"product": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"product_id": "unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.16.2-8.el9_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product_id": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.16.2-8.el9_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product_id": "unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.16.2-8.el9_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product_id": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.16.2-8.el9_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"product": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"product_id": "unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.16.2-8.el9_4.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.16.2-8.el9_4.2.src",
"product": {
"name": "unbound-0:1.16.2-8.el9_4.2.src",
"product_id": "unbound-0:1.16.2-8.el9_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.16.2-8.el9_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.src as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.src",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-31T14:23:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src",
"AppStream-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"AppStream-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:python3-unbound-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:python3-unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.src",
"CRB-9.4.0.Z.EUS:unbound-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-debuginfo-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-debugsource-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-devel-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-libs-0:1.16.2-8.el9_4.2.x86_64",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.aarch64",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.i686",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.ppc64le",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.s390x",
"CRB-9.4.0.Z.EUS:unbound-libs-debuginfo-0:1.16.2-8.el9_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:13577
Vulnerability from csaf_redhat - Published: 2025-08-11 07:48 - Updated: 2025-11-21 19:22Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:13577",
"url": "https://access.redhat.com/errata/RHSA-2025:13577"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13577.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:22:46+00:00",
"generator": {
"date": "2025-11-21T19:22:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:13577",
"initial_release_date": "2025-08-11T07:48:10+00:00",
"revision_history": [
{
"date": "2025-08-11T07:48:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-09-22T12:29:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:22:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"product": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"product_id": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.7.3-17.el8_6.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.7.3-17.el8_6.6.x86_64",
"product": {
"name": "unbound-0:1.7.3-17.el8_6.6.x86_64",
"product_id": "unbound-0:1.7.3-17.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-17.el8_6.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"product": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"product_id": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-17.el8_6.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"product": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"product_id": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-17.el8_6.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"product": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"product_id": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-17.el8_6.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-17.el8_6.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product_id": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-17.el8_6.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-17.el8_6.6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-17.el8_6.6.i686",
"product": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.i686",
"product_id": "unbound-devel-0:1.7.3-17.el8_6.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-17.el8_6.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-17.el8_6.6.i686",
"product": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.i686",
"product_id": "unbound-libs-0:1.7.3-17.el8_6.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-17.el8_6.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"product": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"product_id": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-17.el8_6.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product_id": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-17.el8_6.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product_id": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-17.el8_6.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product_id": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-17.el8_6.6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.7.3-17.el8_6.6.src",
"product": {
"name": "unbound-0:1.7.3-17.el8_6.6.src",
"product_id": "unbound-0:1.7.3-17.el8_6.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-17.el8_6.6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.7.3-17.el8_6.6.aarch64",
"product": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.aarch64",
"product_id": "python3-unbound-0:1.7.3-17.el8_6.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.7.3-17.el8_6.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.7.3-17.el8_6.6.aarch64",
"product": {
"name": "unbound-0:1.7.3-17.el8_6.6.aarch64",
"product_id": "unbound-0:1.7.3-17.el8_6.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-17.el8_6.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-17.el8_6.6.aarch64",
"product": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.aarch64",
"product_id": "unbound-devel-0:1.7.3-17.el8_6.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-17.el8_6.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-17.el8_6.6.aarch64",
"product": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.aarch64",
"product_id": "unbound-libs-0:1.7.3-17.el8_6.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-17.el8_6.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64",
"product": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64",
"product_id": "unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-17.el8_6.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product_id": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-17.el8_6.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product_id": "unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-17.el8_6.6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product_id": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-17.el8_6.6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.7.3-17.el8_6.6.ppc64le",
"product": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.ppc64le",
"product_id": "python3-unbound-0:1.7.3-17.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.7.3-17.el8_6.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.7.3-17.el8_6.6.ppc64le",
"product": {
"name": "unbound-0:1.7.3-17.el8_6.6.ppc64le",
"product_id": "unbound-0:1.7.3-17.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-17.el8_6.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-17.el8_6.6.ppc64le",
"product": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.ppc64le",
"product_id": "unbound-devel-0:1.7.3-17.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-17.el8_6.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-17.el8_6.6.ppc64le",
"product": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.ppc64le",
"product_id": "unbound-libs-0:1.7.3-17.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-17.el8_6.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le",
"product": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le",
"product_id": "unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-17.el8_6.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product_id": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-17.el8_6.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product_id": "unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-17.el8_6.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product_id": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-17.el8_6.6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.7.3-17.el8_6.6.s390x",
"product": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.s390x",
"product_id": "python3-unbound-0:1.7.3-17.el8_6.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.7.3-17.el8_6.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.7.3-17.el8_6.6.s390x",
"product": {
"name": "unbound-0:1.7.3-17.el8_6.6.s390x",
"product_id": "unbound-0:1.7.3-17.el8_6.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.7.3-17.el8_6.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.7.3-17.el8_6.6.s390x",
"product": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.s390x",
"product_id": "unbound-devel-0:1.7.3-17.el8_6.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.7.3-17.el8_6.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.7.3-17.el8_6.6.s390x",
"product": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.s390x",
"product_id": "unbound-libs-0:1.7.3-17.el8_6.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.7.3-17.el8_6.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.s390x",
"product": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.s390x",
"product_id": "unbound-debugsource-0:1.7.3-17.el8_6.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-17.el8_6.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product_id": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-17.el8_6.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product_id": "unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-17.el8_6.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product_id": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-17.el8_6.6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.src as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.src"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.aarch64"
},
"product_reference": "python3-unbound-0:1.7.3-17.el8_6.6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.ppc64le"
},
"product_reference": "python3-unbound-0:1.7.3-17.el8_6.6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.s390x"
},
"product_reference": "python3-unbound-0:1.7.3-17.el8_6.6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.aarch64"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.ppc64le"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.s390x"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.src"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.s390x"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.aarch64"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.ppc64le"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.s390x"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.aarch64"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.ppc64le"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.s390x"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.src"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-11T07:48:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13577"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.AUS:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.AUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.E4S:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.aarch64",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.ppc64le",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.s390x",
"AppStream-8.6.0.Z.E4S:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:python3-unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:python3-unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.src",
"AppStream-8.6.0.Z.TUS:unbound-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-debuginfo-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-debugsource-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-devel-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-libs-0:1.7.3-17.el8_6.6.x86_64",
"AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.i686",
"AppStream-8.6.0.Z.TUS:unbound-libs-debuginfo-0:1.7.3-17.el8_6.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:12064
Vulnerability from csaf_redhat - Published: 2025-07-29 09:32 - Updated: 2025-11-21 19:21Summary
Red Hat Security Advisory: unbound security update
Notes
Topic
An update for unbound is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
Security Fix(es):
* unbound: Unbound Cache poisoning (CVE-2025-5994)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for unbound is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12064",
"url": "https://access.redhat.com/errata/RHSA-2025:12064"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12064.json"
}
],
"title": "Red Hat Security Advisory: unbound security update",
"tracking": {
"current_release_date": "2025-11-21T19:21:07+00:00",
"generator": {
"date": "2025-11-21T19:21:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:12064",
"initial_release_date": "2025-07-29T09:32:59+00:00",
"revision_history": [
{
"date": "2025-07-29T09:32:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-29T09:32:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:21:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "python3-unbound-0:1.20.0-12.el10_0.aarch64",
"product_id": "python3-unbound-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-anchor@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-dracut@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-libs-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-libs-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_id": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-anchor-debuginfo@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-utils-debuginfo@1.20.0-12.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.20.0-12.el10_0.aarch64",
"product": {
"name": "unbound-devel-0:1.20.0-12.el10_0.aarch64",
"product_id": "unbound-devel-0:1.20.0-12.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.20.0-12.el10_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"product_id": "python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-anchor@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-dracut@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_id": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-anchor-debuginfo@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-utils-debuginfo@1.20.0-12.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"product": {
"name": "unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"product_id": "unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.20.0-12.el10_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "python3-unbound-0:1.20.0-12.el10_0.x86_64",
"product_id": "python3-unbound-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-anchor@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-dracut@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-libs-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-libs-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_id": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-anchor-debuginfo@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-utils-debuginfo@1.20.0-12.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.20.0-12.el10_0.x86_64",
"product": {
"name": "unbound-devel-0:1.20.0-12.el10_0.x86_64",
"product_id": "unbound-devel-0:1.20.0-12.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.20.0-12.el10_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-unbound-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "python3-unbound-0:1.20.0-12.el10_0.s390x",
"product_id": "python3-unbound-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-anchor-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-anchor-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-anchor@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-dracut-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-dracut-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-dracut@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-libs-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-libs-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debugsource@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_id": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-anchor-debuginfo@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-debuginfo@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-utils-debuginfo@1.20.0-12.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "unbound-devel-0:1.20.0-12.el10_0.s390x",
"product": {
"name": "unbound-devel-0:1.20.0-12.el10_0.s390x",
"product_id": "unbound-devel-0:1.20.0-12.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound-devel@1.20.0-12.el10_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-0:1.20.0-12.el10_0.src",
"product": {
"name": "unbound-0:1.20.0-12.el10_0.src",
"product_id": "unbound-0:1.20.0-12.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/unbound@1.20.0-12.el10_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "python3-unbound-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "python3-unbound-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "python3-unbound-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.src"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-anchor-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-devel-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-devel-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-devel-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-dracut-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-libs-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-libs-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-libs-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "python3-unbound-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "python3-unbound-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "python3-unbound-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.src"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.src",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-anchor-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-debugsource-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-devel-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-devel-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-devel-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-dracut-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-dracut-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-libs-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-libs-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-libs-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64"
},
"product_reference": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le"
},
"product_reference": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x"
},
"product_reference": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64"
},
"product_reference": "unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.src",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.src",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T09:32:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.src",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.src",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12064"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.src",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.src",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.src",
"AppStream-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"AppStream-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:python3-unbound-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:python3-unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.src",
"CRB-10.0.Z:unbound-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-anchor-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-anchor-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-debugsource-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-devel-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-dracut-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-libs-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-libs-debuginfo-0:1.20.0-12.el10_0.x86_64",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.aarch64",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.ppc64le",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.s390x",
"CRB-10.0.Z:unbound-utils-debuginfo-0:1.20.0-12.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
}
]
}
RHSA-2025:15397
Vulnerability from csaf_redhat - Published: 2025-10-21 14:50 - Updated: 2025-12-03 09:29Summary
Red Hat Security Advisory: OpenShift Container Platform 4.20.0 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.20.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container
Platform 4.20.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.20.0. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/149403
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/
Security Fix(es):
* libarchive: Double free at archive_read_format_rar_seek_data() in
archive_read_support_format_rar.c (CVE-2025-5914)
* unbound: Unbound Cache poisoning (CVE-2025-5994)
* podman: podman missing TLS verification (CVE-2025-6032)
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS)
(CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.20 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/updating_clusters/index#updating-cluster-cli.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.20.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container\nPlatform 4.20.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.20.0. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/149403\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/\n\nSecurity Fix(es):\n\n* libarchive: Double free at archive_read_format_rar_seek_data() in\narchive_read_support_format_rar.c (CVE-2025-5914)\n* unbound: Unbound Cache poisoning (CVE-2025-5994)\n* podman: podman missing TLS verification (CVE-2025-6032)\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS)\n(CVE-2025-49794)\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.20 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15397",
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372501"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "OCPBUGS-55905",
"url": "https://issues.redhat.com/browse/OCPBUGS-55905"
},
{
"category": "external",
"summary": "OCPBUGS-55906",
"url": "https://issues.redhat.com/browse/OCPBUGS-55906"
},
{
"category": "external",
"summary": "OCPBUGS-56277",
"url": "https://issues.redhat.com/browse/OCPBUGS-56277"
},
{
"category": "external",
"summary": "OCPBUGS-56645",
"url": "https://issues.redhat.com/browse/OCPBUGS-56645"
},
{
"category": "external",
"summary": "OCPBUGS-58117",
"url": "https://issues.redhat.com/browse/OCPBUGS-58117"
},
{
"category": "external",
"summary": "OCPBUGS-59201",
"url": "https://issues.redhat.com/browse/OCPBUGS-59201"
},
{
"category": "external",
"summary": "OCPBUGS-59630",
"url": "https://issues.redhat.com/browse/OCPBUGS-59630"
},
{
"category": "external",
"summary": "OCPBUGS-60099",
"url": "https://issues.redhat.com/browse/OCPBUGS-60099"
},
{
"category": "external",
"summary": "OCPBUGS-60664",
"url": "https://issues.redhat.com/browse/OCPBUGS-60664"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15397.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.20.0 bug fix and security update",
"tracking": {
"current_release_date": "2025-12-03T09:29:33+00:00",
"generator": {
"date": "2025-12-03T09:29:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:15397",
"initial_release_date": "2025-10-21T14:50:28+00:00",
"revision_history": [
{
"date": "2025-10-21T14:50:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-21T14:50:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T09:29:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.20",
"product": {
"name": "Red Hat OpenShift Container Platform 4.20",
"product_id": "9Base-RHOSE-4.20",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.20::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-4.20.9.6.202509251656-0",
"product": {
"name": "rhcos-aarch64-4.20.9.6.202509251656-0",
"product_id": "rhcos-aarch64-4.20.9.6.202509251656-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@4.20.9.6.202509251656?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-4.20.9.6.202509251656-0",
"product": {
"name": "rhcos-ppc64le-4.20.9.6.202509251656-0",
"product_id": "rhcos-ppc64le-4.20.9.6.202509251656-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@4.20.9.6.202509251656?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-4.20.9.6.202509251656-0",
"product": {
"name": "rhcos-s390x-4.20.9.6.202509251656-0",
"product_id": "rhcos-s390x-4.20.9.6.202509251656-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@4.20.9.6.202509251656?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-4.20.9.6.202509251656-0",
"product": {
"name": "rhcos-x86_64-4.20.9.6.202509251656-0",
"product_id": "rhcos-x86_64-4.20.9.6.202509251656-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@4.20.9.6.202509251656?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-4.20.9.6.202509251656-0 as a component of Red Hat OpenShift Container Platform 4.20",
"product_id": "9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0"
},
"product_reference": "rhcos-aarch64-4.20.9.6.202509251656-0",
"relates_to_product_reference": "9Base-RHOSE-4.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-4.20.9.6.202509251656-0 as a component of Red Hat OpenShift Container Platform 4.20",
"product_id": "9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0"
},
"product_reference": "rhcos-ppc64le-4.20.9.6.202509251656-0",
"relates_to_product_reference": "9Base-RHOSE-4.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-4.20.9.6.202509251656-0 as a component of Red Hat OpenShift Container Platform 4.20",
"product_id": "9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0"
},
"product_reference": "rhcos-s390x-4.20.9.6.202509251656-0",
"relates_to_product_reference": "9Base-RHOSE-4.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-4.20.9.6.202509251656-0 as a component of Red Hat OpenShift Container Platform 4.20",
"product_id": "9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
},
"product_reference": "rhcos-x86_64-4.20.9.6.202509251656-0",
"relates_to_product_reference": "9Base-RHOSE-4.20"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-21T14:50:28+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d1dc76522d1e235b97675b28e977cb8c452f47d39c0eb519cde02114925f91d2\n\n (For s390x architecture)\n The image digest is sha256:bb2b07ca992b8c976341c145ccdcefbd57e946a590efaa5e10d60fc5a2cbe503\n\n (For ppc64le architecture)\n The image digest is sha256:678369ac0a189674b3d9f5779ee7042b39e625ee580579ec302d8899f8ddc613\n\n (For aarch64 architecture)\n The image digest is sha256:791079aeb081a9193cec139ba4dccbafbfc9437b6e5e39d70225b0e6d2f51b34\n\nAll OpenShift Container Platform 4.20 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2025-07-16T15:01:36.497027+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380949"
}
],
"notes": [
{
"category": "description",
"text": "A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "unbound: Unbound Cache poisoning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than Moderate because it directly compromises the integrity of DNS caching mechanisms in resolvers supporting EDNS Client Subnet (ECS). The flaw allows an attacker to exploit the birthday paradox by generating a high volume of concurrent queries with different ECS values, thereby increasing the chance of a transaction ID collision with a spoofed response. If the resolver fails to properly segregate cache entries by ECS scope, it may accept and cache a malicious non-ECS response, effectively leading to DNS cache poisoning. Unlike typical poisoning attempts that require precise timing or privileged network positions, this attack can be carried out remotely with a high success rate, especially in resolvers that do not correctly isolate ECS queries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "RHBZ#2380949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"category": "external",
"summary": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"release_date": "2025-07-16T14:38:22.738000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-21T14:50:28+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d1dc76522d1e235b97675b28e977cb8c452f47d39c0eb519cde02114925f91d2\n\n (For s390x architecture)\n The image digest is sha256:bb2b07ca992b8c976341c145ccdcefbd57e946a590efaa5e10d60fc5a2cbe503\n\n (For ppc64le architecture)\n The image digest is sha256:678369ac0a189674b3d9f5779ee7042b39e625ee580579ec302d8899f8ddc613\n\n (For aarch64 architecture)\n The image digest is sha256:791079aeb081a9193cec139ba4dccbafbfc9437b6e5e39d70225b0e6d2f51b34\n\nAll OpenShift Container Platform 4.20 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "unbound: Unbound Cache poisoning"
},
{
"acknowledgments": [
{
"names": [
"Paul Holzinger"
],
"organization": "Red Hat Inc.",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-6032",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2025-06-12T15:14:34.557000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: podman missing TLS verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, a user needs to download an image from an untrusted OCI registry, specifically, an OCI registry with an invalid TLS certificate. This allows a remote attacker with access to the network path between the registry and the client to perform a Man In the Middle attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6032"
},
{
"category": "external",
"summary": "RHBZ#2372501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6032"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6032",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6032"
},
{
"category": "external",
"summary": "https://github.com/containers/podman/commit/726b506acc8a00d99f1a3a1357ecf619a1f798c3",
"url": "https://github.com/containers/podman/commit/726b506acc8a00d99f1a3a1357ecf619a1f798c3"
},
{
"category": "external",
"summary": "https://github.com/containers/podman/security/advisories/GHSA-65gg-3w2w-hr4h",
"url": "https://github.com/containers/podman/security/advisories/GHSA-65gg-3w2w-hr4h"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-21T14:50:28+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d1dc76522d1e235b97675b28e977cb8c452f47d39c0eb519cde02114925f91d2\n\n (For s390x architecture)\n The image digest is sha256:bb2b07ca992b8c976341c145ccdcefbd57e946a590efaa5e10d60fc5a2cbe503\n\n (For ppc64le architecture)\n The image digest is sha256:678369ac0a189674b3d9f5779ee7042b39e625ee580579ec302d8899f8ddc613\n\n (For aarch64 architecture)\n The image digest is sha256:791079aeb081a9193cec139ba4dccbafbfc9437b6e5e39d70225b0e6d2f51b34\n\nAll OpenShift Container Platform 4.20 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
},
{
"category": "workaround",
"details": "Download the VM image manually with another tool that verifies the TLS certificate and then pass the local image as a file path to podman, for example:\n\n# podman machine init --image \u003clocal-image-path\u003e",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "podman: podman missing TLS verification"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-21T14:50:28+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d1dc76522d1e235b97675b28e977cb8c452f47d39c0eb519cde02114925f91d2\n\n (For s390x architecture)\n The image digest is sha256:bb2b07ca992b8c976341c145ccdcefbd57e946a590efaa5e10d60fc5a2cbe503\n\n (For ppc64le architecture)\n The image digest is sha256:678369ac0a189674b3d9f5779ee7042b39e625ee580579ec302d8899f8ddc613\n\n (For aarch64 architecture)\n The image digest is sha256:791079aeb081a9193cec139ba4dccbafbfc9437b6e5e39d70225b0e6d2f51b34\n\nAll OpenShift Container Platform 4.20 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-21T14:50:28+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d1dc76522d1e235b97675b28e977cb8c452f47d39c0eb519cde02114925f91d2\n\n (For s390x architecture)\n The image digest is sha256:bb2b07ca992b8c976341c145ccdcefbd57e946a590efaa5e10d60fc5a2cbe503\n\n (For ppc64le architecture)\n The image digest is sha256:678369ac0a189674b3d9f5779ee7042b39e625ee580579ec302d8899f8ddc613\n\n (For aarch64 architecture)\n The image digest is sha256:791079aeb081a9193cec139ba4dccbafbfc9437b6e5e39d70225b0e6d2f51b34\n\nAll OpenShift Container Platform 4.20 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-21T14:50:28+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d1dc76522d1e235b97675b28e977cb8c452f47d39c0eb519cde02114925f91d2\n\n (For s390x architecture)\n The image digest is sha256:bb2b07ca992b8c976341c145ccdcefbd57e946a590efaa5e10d60fc5a2cbe503\n\n (For ppc64le architecture)\n The image digest is sha256:678369ac0a189674b3d9f5779ee7042b39e625ee580579ec302d8899f8ddc613\n\n (For aarch64 architecture)\n The image digest is sha256:791079aeb081a9193cec139ba4dccbafbfc9437b6e5e39d70225b0e6d2f51b34\n\nAll OpenShift Container Platform 4.20 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.20:rhcos-aarch64-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-ppc64le-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-s390x-4.20.9.6.202509251656-0",
"9Base-RHOSE-4.20:rhcos-x86_64-4.20.9.6.202509251656-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
GHSA-XRV5-2WWG-JP3R
Vulnerability from github – Published: 2025-07-16 15:32 – Updated: 2025-11-03 21:34
VLAI?
Details
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the 'send-client-subnet', 'client-subnet-zone' or 'client-subnet-always-forward' options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies.
Severity ?
{
"affected": [],
"aliases": [
"CVE-2025-5994"
],
"database_specific": {
"cwe_ids": [
"CWE-349"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-16T15:15:33Z",
"severity": "HIGH"
},
"details": "A multi-vendor cache poisoning vulnerability named \u0027Rebirthday Attack\u0027 has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., \u0027--enable-subnet\u0027, AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the \u0027send-client-subnet\u0027, \u0027client-subnet-zone\u0027 or \u0027client-subnet-always-forward\u0027 options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies.",
"id": "GHSA-xrv5-2wwg-jp3r",
"modified": "2025-11-03T21:34:08Z",
"published": "2025-07-16T15:32:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5994"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00019.html"
},
{
"type": "WEB",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:C/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
WID-SEC-W-2025-1656
Vulnerability from csaf_certbund - Published: 2025-07-27 22:00 - Updated: 2025-10-29 23:00Summary
Red Hat Enterprise Linux (unbound): Schwachstelle ermöglicht Manipulation von Daten
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux (unbound) ausnutzen, um Daten zu manipulieren.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux (unbound) ausnutzen, um Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1656 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1656.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1656 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1656"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2025-07-27",
"url": "https://access.redhat.com/errata/RHSA-2025:11849"
},
{
"category": "external",
"summary": "RedHat Customer Portal vom 2025-07-27",
"url": "https://access.redhat.com/security/cve/CVE-2025-5994"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11884 vom 2025-07-29",
"url": "http://linux.oracle.com/errata/ELSA-2025-11884.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11849 vom 2025-07-29",
"url": "http://linux.oracle.com/errata/ELSA-2025-11849.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12064 vom 2025-07-29",
"url": "https://access.redhat.com/errata/RHSA-2025:12064"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-12064 vom 2025-07-30",
"url": "https://linux.oracle.com/errata/ELSA-2025-12064.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12416 vom 2025-07-31",
"url": "https://access.redhat.com/errata/RHSA-2025:12416"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12520 vom 2025-08-04",
"url": "https://access.redhat.com/errata/RHSA-2025:12520"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12523 vom 2025-08-04",
"url": "https://access.redhat.com/errata/RHSA-2025:12523"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2UNBOUND-1.17-2025-005 vom 2025-08-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2UNBOUND-1.17-2025-005.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2951 vom 2025-08-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2951.html"
},
{
"category": "external",
"summary": "RedHat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2025:12929"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13575 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13575"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13576 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13576"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13577 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13577"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4280 vom 2025-08-24",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00019.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5987 vom 2025-08-28",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00151.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15397 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18218 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18240 vom 2025-10-23",
"url": "https://access.redhat.com/errata/RHSA-2025:18240"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19046 vom 2025-10-29",
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19041 vom 2025-10-30",
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux (unbound): Schwachstelle erm\u00f6glicht Manipulation von Daten",
"tracking": {
"current_release_date": "2025-10-29T23:00:00.000+00:00",
"generator": {
"date": "2025-10-30T08:13:43.934+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1656",
"initial_release_date": "2025-07-27T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-27T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-07-28T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-03T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-08-10T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-24T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-08-27T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-28T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-29T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "8",
"product": {
"name": "Red Hat Enterprise Linux 8",
"product_id": "T037152",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "Red Hat Enterprise Linux 10",
"product_id": "T044138",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Red Hat Enterprise Linux 9",
"product_id": "T045680",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.18.27",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.18.27",
"product_id": "T048184"
}
},
{
"category": "product_version",
"name": "Container Platform 4.18.27",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18.27",
"product_id": "T048184-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.18.27"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"product_status": {
"known_affected": [
"T037152",
"T044138",
"2951",
"67646",
"T048184",
"T045680",
"398363",
"T004914"
]
},
"release_date": "2025-07-27T22:00:00.000+00:00",
"title": "CVE-2025-5994"
}
]
}
WID-SEC-W-2025-2043
Vulnerability from csaf_certbund - Published: 2025-09-11 22:00 - Updated: 2025-10-01 22:00Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, einen Denial of Service Zustand zu erzeugen, um Dateien zu manipulieren und um nicht nächer spezifizierte Auswirkungen zu erzielen..
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand zu erzeugen, um Dateien zu manipulieren und um nicht n\u00e4cher spezifizierte Auswirkungen zu erzielen..",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2043 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2043.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2043 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2043"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244784 vom 2025-09-12",
"url": "https://www.ibm.com/support/pages/node/7244784"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244786 vom 2025-09-12",
"url": "https://www.ibm.com/support/pages/node/7244786"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17161 vom 2025-10-01",
"url": "https://access.redhat.com/errata/RHSA-2025:17161"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-01T22:00:00.000+00:00",
"generator": {
"date": "2025-10-02T08:18:55.515+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2043",
"initial_release_date": "2025-09-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-09-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-09-14T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-29120"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP13 IF02",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP13 IF02",
"product_id": "T046961"
}
},
{
"category": "product_version",
"name": "7.5.0 UP13 IF02",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP13 IF02",
"product_id": "T046961-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0:up13_if02"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47670",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2021-47670"
},
{
"cve": "CVE-2023-49083",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2024-56644",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2024-56644"
},
{
"cve": "CVE-2025-21727",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21759",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-22058",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-22058"
},
{
"cve": "CVE-2025-22097",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-22097"
},
{
"cve": "CVE-2025-37914",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-38085",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-38085"
},
{
"cve": "CVE-2025-38159",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-38159"
},
{
"cve": "CVE-2025-38200",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-38200"
},
{
"cve": "CVE-2025-38250",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-38250"
},
{
"cve": "CVE-2025-38380",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-38380"
},
{
"cve": "CVE-2025-5914",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-5914"
},
{
"cve": "CVE-2025-5994",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-5994"
},
{
"cve": "CVE-2025-6020",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-6020"
},
{
"cve": "CVE-2025-6032",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-6032"
},
{
"cve": "CVE-2025-8194",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-8194"
},
{
"cve": "CVE-2025-0164",
"product_status": {
"known_affected": [
"67646",
"T046961"
]
},
"release_date": "2025-09-11T22:00:00.000+00:00",
"title": "CVE-2025-0164"
}
]
}
MSRC_CVE-2025-5994
Vulnerability from csaf_microsoft - Published: 2025-07-02 00:00 - Updated: 2025-09-04 02:52Summary
Cache poisoning via the ECS-enabled Rebirthday Attack
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5994 Cache poisoning via the ECS-enabled Rebirthday Attack - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-5994.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Cache poisoning via the ECS-enabled Rebirthday Attack",
"tracking": {
"current_release_date": "2025-09-04T02:52:05.000Z",
"generator": {
"date": "2025-10-20T03:36:12.161Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-5994",
"initial_release_date": "2025-07-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-09-04T02:52:05.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"category": "product_name",
"name": "cbl2 unbound 1.19.1-3",
"product": {
"name": "cbl2 unbound 1.19.1-3",
"product_id": "1"
}
},
{
"category": "product_name",
"name": "azl3 unbound 1.19.1-4",
"product": {
"name": "azl3 unbound 1.19.1-4",
"product_id": "2"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 unbound 1.19.1-3 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 unbound 1.19.1-4 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5994",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-2"
]
},
{
"label": "vulnerable_code_not_present",
"product_ids": [
"17086-1"
]
}
],
"notes": [
{
"category": "general",
"text": "NLnet Labs",
"title": "Assigning CNA"
}
],
"product_status": {
"known_not_affected": [
"17086-1",
"17084-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5994 Cache poisoning via the ECS-enabled Rebirthday Attack - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-5994.json"
}
],
"title": "Cache poisoning via the ECS-enabled Rebirthday Attack"
}
]
}
FKIE_CVE-2025-5994
Vulnerability from fkie_nvd - Published: 2025-07-16 15:15 - Updated: 2025-11-03 19:16
Severity ?
Summary
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the 'send-client-subnet', 'client-subnet-zone' or 'client-subnet-always-forward' options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A multi-vendor cache poisoning vulnerability named \u0027Rebirthday Attack\u0027 has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., \u0027--enable-subnet\u0027, AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the \u0027send-client-subnet\u0027, \u0027client-subnet-zone\u0027 or \u0027client-subnet-always-forward\u0027 options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad de envenenamiento de cach\u00e9 multiproveedor, denominada \"Ataque Rebirthday\", en resolutores de cach\u00e9 compatibles con EDNS Client Subnet (ECS). Unbound tambi\u00e9n es vulnerable cuando se compila con compatibilidad con ECS (es decir, con \"--enable-subnet\") y se configura para enviar informaci\u00f3n de ECS junto con consultas a servidores de nombres ascendentes (es decir, se utiliza al menos una de las opciones \"send-client-subnet\", \"client-subnet-zone\" o \"client-subnet-always-forward\"). Los resolutores compatibles con ECS deben segregar las consultas salientes para adaptarlas a la diferente informaci\u00f3n de ECS saliente. Esto expone a los resolutores a un ataque de paradoja de cumplea\u00f1os (Ataque Rebirthday), que intenta coincidir con el ID de transacci\u00f3n DNS para almacenar en cach\u00e9 respuestas t\u00f3xicas que no sean de ECS."
}
],
"id": "CVE-2025-5994",
"lastModified": "2025-11-03T19:16:14.563",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:C/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "sep@nlnetlabs.nl",
"type": "Secondary"
}
]
},
"published": "2025-07-16T15:15:33.490",
"references": [
{
"source": "sep@nlnetlabs.nl",
"url": "https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00019.html"
}
],
"sourceIdentifier": "sep@nlnetlabs.nl",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-349"
}
],
"source": "sep@nlnetlabs.nl",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…