csaf_suse - suse-ru-2025:02091-1

SUSE-RU-2025:02091-1

Vulnerability from csaf_suse - Published: 2025-06-24 13:44 - Updated: 2025-06-24 13:44

Summary

Recommended update for podman

Notes

Title of the patch

Recommended update for podman

Description of the patch

This update for podman fixes the following issues: - Added patch to remove using rw as a default mount option (bsc#1239776)

Patchnames

SUSE-2025-2091,SUSE-SLE-Micro-5.3-2025-2091,SUSE-SLE-Micro-5.4-2025-2091,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2091,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2091,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2091,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2091

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Recommended update for podman",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for podman fixes the following issues:\n\n- Added patch to remove using rw as a default mount option (bsc#1239776)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-2091,SUSE-SLE-Micro-5.3-2025-2091,SUSE-SLE-Micro-5.4-2025-2091,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2091,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2091,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2091,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2091",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2025_02091-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-RU-2025:02091-1",
        "url": "https://www.suse.com/support/update/announcement//suse-ru-202502091-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-RU-2025:02091-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040458.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239776",
        "url": "https://bugzilla.suse.com/1239776"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6104 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6104/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22869 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22869/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27144 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27144/"
      }
    ],
    "title": "Recommended update for podman",
    "tracking": {
      "current_release_date": "2025-06-24T13:44:12Z",
      "generator": {
        "date": "2025-06-24T13:44:12Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-RU-2025:02091-1",
      "initial_release_date": "2025-06-24T13:44:12Z",
      "revision_history": [
        {
          "date": "2025-06-24T13:44:12Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.47.2.aarch64",
                "product": {
                  "name": "podman-4.9.5-150400.4.47.2.aarch64",
                  "product_id": "podman-4.9.5-150400.4.47.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.47.2.aarch64",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.47.2.aarch64",
                  "product_id": "podman-remote-4.9.5-150400.4.47.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.47.2.aarch64",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.47.2.aarch64",
                  "product_id": "podmansh-4.9.5-150400.4.47.2.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.47.2.i586",
                "product": {
                  "name": "podman-4.9.5-150400.4.47.2.i586",
                  "product_id": "podman-4.9.5-150400.4.47.2.i586"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.47.2.i586",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.47.2.i586",
                  "product_id": "podman-remote-4.9.5-150400.4.47.2.i586"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.47.2.i586",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.47.2.i586",
                  "product_id": "podmansh-4.9.5-150400.4.47.2.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-docker-4.9.5-150400.4.47.2.noarch",
                "product": {
                  "name": "podman-docker-4.9.5-150400.4.47.2.noarch",
                  "product_id": "podman-docker-4.9.5-150400.4.47.2.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.47.2.ppc64le",
                "product": {
                  "name": "podman-4.9.5-150400.4.47.2.ppc64le",
                  "product_id": "podman-4.9.5-150400.4.47.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.47.2.ppc64le",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.47.2.ppc64le",
                  "product_id": "podman-remote-4.9.5-150400.4.47.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.47.2.ppc64le",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.47.2.ppc64le",
                  "product_id": "podmansh-4.9.5-150400.4.47.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.47.2.s390x",
                "product": {
                  "name": "podman-4.9.5-150400.4.47.2.s390x",
                  "product_id": "podman-4.9.5-150400.4.47.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.47.2.s390x",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.47.2.s390x",
                  "product_id": "podman-remote-4.9.5-150400.4.47.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.47.2.s390x",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.47.2.s390x",
                  "product_id": "podmansh-4.9.5-150400.4.47.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.47.2.x86_64",
                "product": {
                  "name": "podman-4.9.5-150400.4.47.2.x86_64",
                  "product_id": "podman-4.9.5-150400.4.47.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.47.2.x86_64",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.47.2.x86_64",
                  "product_id": "podman-remote-4.9.5-150400.4.47.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.47.2.x86_64",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.47.2.x86_64",
                  "product_id": "podmansh-4.9.5-150400.4.47.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.3",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.3",
                  "product_id": "SUSE Linux Enterprise Micro 5.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.4",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.4",
                  "product_id": "SUSE Linux Enterprise Micro 5.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.s390x as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.s390x as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.s390x as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.s390x as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-4.9.5-150400.4.47.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch"
        },
        "product_reference": "podman-docker-4.9.5-150400.4.47.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-4.9.5-150400.4.47.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch"
        },
        "product_reference": "podman-docker-4.9.5-150400.4.47.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-4.9.5-150400.4.47.2.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch"
        },
        "product_reference": "podman-docker-4.9.5-150400.4.47.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-4.9.5-150400.4.47.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch"
        },
        "product_reference": "podman-docker-4.9.5-150400.4.47.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.47.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.47.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-6104",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6104"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6104",
          "url": "https://www.suse.com/security/cve/CVE-2024-6104"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227024 for CVE-2024-6104",
          "url": "https://bugzilla.suse.com/1227024"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-24T13:44:12Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-6104"
    },
    {
      "cve": "CVE-2025-22869",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22869"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22869",
          "url": "https://www.suse.com/security/cve/CVE-2025-22869"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239322 for CVE-2025-22869",
          "url": "https://bugzilla.suse.com/1239322"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-24T13:44:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-22869"
    },
    {
      "cve": "CVE-2025-27144",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27144"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters.  An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27144",
          "url": "https://www.suse.com/security/cve/CVE-2025-27144"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237608 for CVE-2025-27144",
          "url": "https://bugzilla.suse.com/1237608"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237609 for CVE-2025-27144",
          "url": "https://bugzilla.suse.com/1237609"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.47.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.47.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.47.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-24T13:44:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-27144"
    }
  ]
}

CVE-2024-6104 (GCVE-0-2024-6104)

Vulnerability from cvelistv5 – Published: 2024-06-24 17:06 – Updated: 2024-08-01 21:33

Summary

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.

Severity ?

6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-532 - Insertion of Sensitive Information into Log File

Assigner

HashiCorp

References

URL

Tags

https://discuss.hashicorp.com/c/security

Impacted products

	Vendor	Product	Version
	HashiCorp	Shared library	Affected: 0 , < 0.7.7 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6104",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-24T19:19:22.878144Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-24T19:19:28.773Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:33:04.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://discuss.hashicorp.com/c/security"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Shared library",
          "repo": "https://github.com/hashicorp/go-retryablehttp",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "0.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ego-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.\u003c/p\u003e\u003cbr/\u003e"
            }
          ],
          "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-118",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-118: Collect and Analyze Information"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-24T17:06:21.150Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/c/security"
        }
      ],
      "source": {
        "advisory": "HCSEC-2024-12",
        "discovery": "EXTERNAL"
      },
      "title": "go-retryablehttp can leak basic auth credentials to log files"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2024-6104",
    "datePublished": "2024-06-24T17:06:21.150Z",
    "dateReserved": "2024-06-17T22:19:58.680Z",
    "dateUpdated": "2024-08-01T21:33:04.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-27144 (GCVE-0-2025-27144)

Vulnerability from cvelistv5 – Published: 2025-02-24 22:22 – Updated: 2025-02-25 14:27

Summary

Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.

Severity ?

6.6 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

URL

Tags

	https://github.com/go-jose/go-jose/security/advis…	x_refsource_CONFIRM
	https://github.com/go-jose/go-jose/commit/99b346c…	x_refsource_MISC
	https://github.com/go-jose/go-jose/releases/tag/v4.0.5	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	go-jose	go-jose	Affected: >= 4.0.0, < 4.0.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-27144",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T14:26:42.682392Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T14:27:04.978Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "go-jose",
          "vendor": "go-jose",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 4.0.0, \u003c 4.0.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters.  An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-24T22:22:22.863Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78"
        },
        {
          "name": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"
        },
        {
          "name": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5"
        }
      ],
      "source": {
        "advisory": "GHSA-c6gw-w398-hv78",
        "discovery": "UNKNOWN"
      },
      "title": "Go JOSE\u0027s Parsing Vulnerable to Denial of Service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-27144",
    "datePublished": "2025-02-24T22:22:22.863Z",
    "dateReserved": "2025-02-19T16:30:47.777Z",
    "dateUpdated": "2025-02-25T14:27:04.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-22869 (GCVE-0-2025-22869)

Vulnerability from cvelistv5 – Published: 2025-02-26 03:07 – Updated: 2025-04-11 22:03

Summary

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

References

URL

Tags

	https://go.dev/cl/652135
	https://go.dev/issue/71931
	https://pkg.go.dev/vuln/GO-2025-3487

Impacted products

	Vendor	Product	Version
	golang.org/x/crypto	golang.org/x/crypto/ssh	Affected: 0 , < 0.35.0 (semver)

Credits

Yuichi Watanabe

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-22869",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T14:57:07.968721Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T14:57:49.252Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-11T22:03:24.222Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250411-0010/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh",
          "product": "golang.org/x/crypto/ssh",
          "programRoutines": [
            {
              "name": "newHandshakeTransport"
            },
            {
              "name": "handshakeTransport.recordWriteError"
            },
            {
              "name": "handshakeTransport.kexLoop"
            },
            {
              "name": "handshakeTransport.writePacket"
            },
            {
              "name": "Client.Dial"
            },
            {
              "name": "Client.DialContext"
            },
            {
              "name": "Client.DialTCP"
            },
            {
              "name": "Client.Listen"
            },
            {
              "name": "Client.ListenTCP"
            },
            {
              "name": "Client.ListenUnix"
            },
            {
              "name": "Client.NewSession"
            },
            {
              "name": "Dial"
            },
            {
              "name": "DiscardRequests"
            },
            {
              "name": "NewClient"
            },
            {
              "name": "NewClientConn"
            },
            {
              "name": "NewServerConn"
            },
            {
              "name": "Request.Reply"
            },
            {
              "name": "Session.Close"
            },
            {
              "name": "Session.CombinedOutput"
            },
            {
              "name": "Session.Output"
            },
            {
              "name": "Session.RequestPty"
            },
            {
              "name": "Session.RequestSubsystem"
            },
            {
              "name": "Session.Run"
            },
            {
              "name": "Session.SendRequest"
            },
            {
              "name": "Session.Setenv"
            },
            {
              "name": "Session.Shell"
            },
            {
              "name": "Session.Signal"
            },
            {
              "name": "Session.Start"
            },
            {
              "name": "Session.WindowChange"
            },
            {
              "name": "channel.Accept"
            },
            {
              "name": "channel.Close"
            },
            {
              "name": "channel.CloseWrite"
            },
            {
              "name": "channel.Read"
            },
            {
              "name": "channel.ReadExtended"
            },
            {
              "name": "channel.Reject"
            },
            {
              "name": "channel.SendRequest"
            },
            {
              "name": "channel.Write"
            },
            {
              "name": "channel.WriteExtended"
            },
            {
              "name": "connection.SendAuthBanner"
            },
            {
              "name": "curve25519sha256.Client"
            },
            {
              "name": "curve25519sha256.Server"
            },
            {
              "name": "dhGEXSHA.Client"
            },
            {
              "name": "dhGEXSHA.Server"
            },
            {
              "name": "dhGroup.Client"
            },
            {
              "name": "dhGroup.Server"
            },
            {
              "name": "ecdh.Client"
            },
            {
              "name": "ecdh.Server"
            },
            {
              "name": "extChannel.Read"
            },
            {
              "name": "extChannel.Write"
            },
            {
              "name": "mux.OpenChannel"
            },
            {
              "name": "mux.SendRequest"
            },
            {
              "name": "sessionStdin.Close"
            },
            {
              "name": "sshClientKeyboardInteractive.Challenge"
            },
            {
              "name": "tcpListener.Accept"
            },
            {
              "name": "tcpListener.Close"
            },
            {
              "name": "unixListener.Accept"
            },
            {
              "name": "unixListener.Close"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.35.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Yuichi Watanabe"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-26T03:07:48.855Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/652135"
        },
        {
          "url": "https://go.dev/issue/71931"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-3487"
        }
      ],
      "title": "Potential denial of service in golang.org/x/crypto"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-22869",
    "datePublished": "2025-02-26T03:07:48.855Z",
    "dateReserved": "2025-01-08T19:11:42.834Z",
    "dateUpdated": "2025-04-11T22:03:24.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-RU-2025:02091-1

CVE-2024-6104 (GCVE-0-2024-6104)

CVE-2025-27144 (GCVE-0-2025-27144)

CVE-2025-22869 (GCVE-0-2025-22869)

Tags

Sightings

Nomenclature