Search criteria
194 vulnerabilities
CVE-2025-67858 (GCVE-0-2025-67858)
Vulnerability from cvelistv5 – Published: 2026-01-08 15:23 – Updated: 2026-01-08 15:39
VLAI?
Title
A crafted "interface" input parameter can lead to integrity loss of the firewall configuration
Summary
A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to `nft`.
This issue affects Foomuuri: from ? before 0.31.
Severity ?
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| https://github.com/FoobarOy/ | Foomuuri |
Affected:
? , < 0.31
(semver)
|
Credits
Matthias Gerstner of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-67858",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T15:39:30.668665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:39:49.947Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Foomuuri",
"product": "Foomuuri",
"vendor": "https://github.com/FoobarOy/",
"versions": [
{
"lessThan": "0.31",
"status": "affected",
"version": "?",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner of SUSE"
}
],
"datePublic": "2026-01-07T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to `nft`.\u003cbr\u003e\u003cp\u003eThis issue affects Foomuuri: from ? before 0.31.\u003c/p\u003e"
}
],
"value": "A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to `nft`.\nThis issue affects Foomuuri: from ? before 0.31."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88: Improper Neutralization of Argument Delimiters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:23:46.487Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67858"
},
{
"url": "https://security.opensuse.org/2026/01/07/foomuuri-lack-of-dbus-authorization.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "A crafted \"interface\" input parameter can lead to integrity loss of the firewall configuration",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-67858",
"datePublished": "2026-01-08T15:23:46.487Z",
"dateReserved": "2025-12-12T14:23:59.780Z",
"dateUpdated": "2026-01-08T15:39:49.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-67603 (GCVE-0-2025-67603)
Vulnerability from cvelistv5 – Published: 2026-01-08 15:04 – Updated: 2026-01-08 15:41
VLAI?
Title
Lack of client authorization allows arbitrary users to influence the firewall configuration
Summary
A Improper Authorization vulnerability in Foomuuri llows arbitrary users to influence the firewall configuration.This issue affects Foomuuri: from ? before 0.31.
Severity ?
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| https://github.com/FoobarOy/ | Foomuuri |
Affected:
? , < 0.31
(semver)
|
Credits
Matthias Gerstner of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-67603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T15:41:06.686787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:41:26.526Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Foomuuri",
"product": "Foomuuri",
"vendor": "https://github.com/FoobarOy/",
"versions": [
{
"lessThan": "0.31",
"status": "affected",
"version": "?",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner of SUSE"
}
],
"datePublic": "2026-01-07T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Improper Authorization vulnerability in Foomuuri\u0026nbsp;llows arbitrary users to influence the firewall configuration.\u003cp\u003eThis issue affects Foomuuri: from ? before 0.31.\u003c/p\u003e"
}
],
"value": "A Improper Authorization vulnerability in Foomuuri\u00a0llows arbitrary users to influence the firewall configuration.This issue affects Foomuuri: from ? before 0.31."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:05:25.193Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67603"
},
{
"url": "https://security.opensuse.org/2026/01/07/foomuuri-lack-of-dbus-authorization.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Lack of client authorization allows arbitrary users to influence the firewall configuration",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-67603",
"datePublished": "2026-01-08T15:04:43.116Z",
"dateReserved": "2025-12-09T14:05:21.453Z",
"dateUpdated": "2026-01-08T15:41:26.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66003 (GCVE-0-2025-66003)
Vulnerability from cvelistv5 – Published: 2026-01-08 14:58 – Updated: 2026-01-08 15:43
VLAI?
Title
Local users can perform a local root exploit via smb4k mounthelper
Summary
An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5.
Severity ?
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| https://github.com/KDE/ | smb4k |
Affected:
? , < 4.0.5
(semver)
|
Credits
Matthias Gerstner of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T15:42:56.996525Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:43:16.738Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "smb4k",
"product": "smb4k",
"vendor": "https://github.com/KDE/",
"versions": [
{
"lessThan": "4.0.5",
"status": "affected",
"version": "?",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner of SUSE"
}
],
"datePublic": "2025-12-10T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba share\u003cp\u003eThis issue affects smb4k: from ? before 4.0.5.\u003c/p\u003e"
}
],
"value": "An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73: External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T14:58:46.292Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66003"
},
{
"url": "https://security.opensuse.org/2025/12/10/smb4k-major-issues-in-kauth-helper.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Local users can perform a local root exploit via smb4k mounthelper",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-66003",
"datePublished": "2026-01-08T14:58:46.292Z",
"dateReserved": "2025-11-19T08:52:54.076Z",
"dateUpdated": "2026-01-08T15:43:16.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66002 (GCVE-0-2025-66002)
Vulnerability from cvelistv5 – Published: 2026-01-08 14:25 – Updated: 2026-01-08 15:55
VLAI?
Title
Local users can perform arbitrary unmounts via smb4k mount helper due to lack of input validation
Summary
An Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability allows local users ton perform arbitrary unmounts via smb4k mount helper
Severity ?
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| https://github.com/KDE/ | smb4k |
Affected:
? , < 4.0.5
(semver)
|
Credits
Matthias Gerstner of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T15:55:46.139048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:55:57.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "smb4k",
"product": "smb4k",
"vendor": "https://github.com/KDE/",
"versions": [
{
"lessThan": "4.0.5",
"status": "affected",
"version": "?",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner of SUSE"
}
],
"datePublic": "2025-12-10T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027) vulnerability allows local users ton perform arbitrary unmounts via smb4k mount helper"
}
],
"value": "An Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027) vulnerability allows local users ton perform arbitrary unmounts via smb4k mount helper"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T14:25:44.172Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66002"
},
{
"url": "https://security.opensuse.org/2025/12/10/smb4k-major-issues-in-kauth-helper.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Local users can perform arbitrary unmounts via smb4k mount helper due to lack of input validation",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-66002",
"datePublished": "2026-01-08T14:25:44.172Z",
"dateReserved": "2025-11-19T08:52:54.076Z",
"dateUpdated": "2026-01-08T15:55:57.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62877 (GCVE-0-2025-62877)
Vulnerability from cvelistv5 – Published: 2026-01-08 12:29 – Updated: 2026-01-08 14:43
VLAI?
Title
Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer
Summary
Projects using the SUSE Virtualization (Harvester) environment may expose the OS default ssh login password if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is utilized along with the Harvester configuration setup.
Severity ?
9.8 (Critical)
CWE
- CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62877",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T14:40:02.987768Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T14:43:34.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/harvester/harvester-installer",
"product": "harvester",
"vendor": "SUSE",
"versions": [
{
"status": "affected",
"version": "1.6.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.5.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2026-01-05T19:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Projects using the SUSE Virtualization (Harvester) environment may\u0026nbsp;expose the OS default ssh login password\u0026nbsp;\u0026nbsp;if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is utilized along with the Harvester configuration\u0026nbsp;setup."
}
],
"value": "Projects using the SUSE Virtualization (Harvester) environment may\u00a0expose the OS default ssh login password\u00a0\u00a0if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is utilized along with the Harvester configuration\u00a0setup."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188: Initialization of a Resource with an Insecure Default",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T12:29:07.079Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-62877"
},
{
"url": "https://github.com/harvester/harvester/security/advisories/GHSA-6g8q-hp2j-gvwv"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-62877",
"datePublished": "2026-01-08T12:29:07.079Z",
"dateReserved": "2025-10-24T10:34:22.765Z",
"dateUpdated": "2026-01-08T14:43:34.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66001 (GCVE-0-2025-66001)
Vulnerability from cvelistv5 – Published: 2026-01-08 10:23 – Updated: 2026-01-08 14:56
VLAI?
Title
NeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM)
Summary
NeuVector supports login authentication through OpenID Connect. However, the TLS verification (which verifies the remote server's authenticity and integrity) for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle (MITM) attacks.
Severity ?
8.8 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T14:55:45.323632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T14:56:07.901Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.8",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-12-12T18:22:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NeuVector supports login authentication through OpenID Connect. However, the TLS verification (which verifies the remote server\u0027s authenticity and integrity) for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle (MITM) attacks."
}
],
"value": "NeuVector supports login authentication through OpenID Connect. However, the TLS verification (which verifies the remote server\u0027s authenticity and integrity) for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle (MITM) attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T10:23:18.934Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66001"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-4jj9-cgqc-x9h5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-66001",
"datePublished": "2026-01-08T10:23:18.934Z",
"dateReserved": "2025-11-19T08:52:54.076Z",
"dateUpdated": "2026-01-08T14:56:07.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66004 (GCVE-0-2025-66004)
Vulnerability from cvelistv5 – Published: 2025-12-10 09:10 – Updated: 2025-12-22 00:14
VLAI?
Title
Local privilege escalation in usbmuxd from arbitrary local user to usbmux
Summary
A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user.This issue affects usbmuxd: before 3ded00c9985a5108cfc7591a309f9a23d57a8cba.
Severity ?
5.7 (Medium)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| libimobiledevice | usbmuxd |
Affected:
0 , < 3ded00c9985a5108cfc7591a309f9a23d57a8cba
(custom)
|
Credits
Wolfgang Frisch of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66004",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T16:58:27.959738Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T16:58:57.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-12-22T00:14:10.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/12/msg00027.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "usbmuxd",
"product": "usbmuxd",
"vendor": "libimobiledevice",
"versions": [
{
"lessThan": "3ded00c9985a5108cfc7591a309f9a23d57a8cba",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wolfgang Frisch of SUSE"
}
],
"datePublic": "2025-11-27T16:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user.\u003cp\u003eThis issue affects usbmuxd: before 3ded00c9985a5108cfc7591a309f9a23d57a8cba.\u003c/p\u003e"
}
],
"value": "A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user.This issue affects usbmuxd: before 3ded00c9985a5108cfc7591a309f9a23d57a8cba."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T09:10:14.533Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66004"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Local privilege escalation in usbmuxd from arbitrary local user to usbmux",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-66004",
"datePublished": "2025-12-10T09:10:14.533Z",
"dateReserved": "2025-11-19T08:52:54.077Z",
"dateUpdated": "2025-12-22T00:14:10.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62875 (GCVE-0-2025-62875)
Vulnerability from cvelistv5 – Published: 2025-11-20 16:02 – Updated: 2025-11-21 16:28
VLAI?
Title
Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD.
This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1.
Severity ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SUSE | openSUSE Tumbleweed |
Affected:
? , < 7.8.0p0-1.1
(custom)
|
Credits
Matthias Gerstner of SUSE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-20T16:06:09.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/10/31/3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62875",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T16:28:15.978148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T16:28:18.612Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://security.opensuse.org/2025/10/31/opensmtpd-local-DoS.html#reproducer"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "OpenSMTPD",
"product": "openSUSE Tumbleweed",
"vendor": "SUSE",
"versions": [
{
"lessThan": "7.8.0p0-1.1",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner of SUSE"
}
],
"datePublic": "2025-11-19T16:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD\u0026nbsp;allows local users to crash\u0026nbsp;OpenSMTPD.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1.\u003c/div\u003e"
}
],
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD\u00a0allows local users to crash\u00a0OpenSMTPD.\n\n\n\n\nThis issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T16:02:11.542Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-62875"
},
{
"url": "https://security.opensuse.org/2025/10/31/opensmtpd-local-DoS.html"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-62875",
"datePublished": "2025-11-20T16:02:11.542Z",
"dateReserved": "2025-10-24T10:34:22.764Z",
"dateUpdated": "2025-11-21T16:28:18.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62876 (GCVE-0-2025-62876)
Vulnerability from cvelistv5 – Published: 2025-11-12 12:57 – Updated: 2025-11-17 17:03
VLAI?
Summary
A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from the service user to root.This issue affects lightdm-kde-greeter. before 6.0.4.
Severity ?
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
Credits
Matthias Gerstner of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62876",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T04:55:14.568Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-17T17:03:53.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/17/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "lightdm-kde-greeter",
"product": "openSUSE",
"vendor": "SUSE",
"versions": [
{
"lessThan": "6.0.4",
"status": "affected",
"version": "?",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner of SUSE"
}
],
"datePublic": "2025-11-04T11:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from the service user to root.\u003cp\u003eThis issue affects lightdm-kde-greeter.\u0026nbsp;before 6.0.4.\u003c/p\u003e"
}
],
"value": "A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from the service user to root.This issue affects lightdm-kde-greeter.\u00a0before 6.0.4."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T12:57:54.078Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-62876"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-62876",
"datePublished": "2025-11-12T12:57:54.078Z",
"dateReserved": "2025-10-24T10:34:22.765Z",
"dateUpdated": "2025-11-17T17:03:53.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53883 (GCVE-0-2025-53883)
Vulnerability from cvelistv5 – Published: 2025-10-30 10:50 – Updated: 2025-10-31 03:55
VLAI?
Title
spacewalk-java has various XSS issues on search page
Summary
A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability allows attackers to run arbitrary javascript via a reflected XSS issue in the search fields.This issue affects Container suse/manager/5.0/x86_64/server:latest: from ? before 5.0.28-150600.3.36.8; SUSE Manager Server LTS 4.3: from ? before 4.3.88-150400.3.113.5.
Severity ?
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SUSE | Container suse manager 5.0 |
Affected:
0 , < 5.0.28-150600.3.36.8
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53883",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T03:55:20.245Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-java",
"product": "Container suse manager 5.0",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.0.28-150600.3.36.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-java",
"product": "SUSE Manager Server LTS 4.3",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.88-150400.3.113.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:container_suse_manager_5.0:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.28-150600.3.36.8",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_manager_server_lts_4.3:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.88-150400.3.113.5",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2025-10-28T07:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability allows attackers to run arbitrary javascript via a reflected XSS issue in the search fields.\u003cp\u003eThis issue affects Container suse/manager/5.0/x86_64/server:latest: from ? before 5.0.28-150600.3.36.8; SUSE Manager Server LTS 4.3: from ? before 4.3.88-150400.3.113.5.\u003c/p\u003e"
}
],
"value": "A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability allows attackers to run arbitrary javascript via a reflected XSS issue in the search fields.This issue affects Container suse/manager/5.0/x86_64/server:latest: from ? before 5.0.28-150600.3.36.8; SUSE Manager Server LTS 4.3: from ? before 4.3.88-150400.3.113.5."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T10:50:07.580Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53883"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "spacewalk-java has various XSS issues on search page",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-53883",
"datePublished": "2025-10-30T10:50:07.580Z",
"dateReserved": "2025-07-11T10:53:52.681Z",
"dateUpdated": "2025-10-31T03:55:20.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53880 (GCVE-0-2025-53880)
Vulnerability from cvelistv5 – Published: 2025-10-30 10:31 – Updated: 2025-10-31 03:55
VLAI?
Title
susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal
Summary
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list of allowed IP addresses.
Severity ?
CWE
- CWE-35 - Path Traversal
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SUSE | Container suse/manager/4.3/proxy-httpd:latest |
Affected:
? , < 4.3.11-150400.3.15.3
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Paolo Perego of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53880",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T03:55:25.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "susemanager-tftpsync-recv",
"product": "Container suse/manager/4.3/proxy-httpd:latest",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.11-150400.3.15.3",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "susemanager-tftpsync-recv",
"product": "Container suse/manager/5.0/x86_64/proxy-httpd:latest",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.0.3-150600.3.6.4",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "susemanager-tftpsync-recv",
"product": "Container suse/multi-linux-manager/5.1/x86_64/proxy-httpd:latest",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.1.3-150700.3.3.3",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "susemanager-tftpsync-recv",
"product": "SUSE Manager Proxy LTS 4.3",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.11-150400.3.15.3",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Paolo Perego of SUSE"
}
],
"datePublic": "2025-10-28T07:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eA Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list of allowed IP addresses.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list of allowed IP addresses."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T10:33:26.970Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53880"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-53880",
"datePublished": "2025-10-30T10:31:15.866Z",
"dateReserved": "2025-07-11T10:53:52.681Z",
"dateUpdated": "2025-10-31T03:55:25.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54471 (GCVE-0-2025-54471)
Vulnerability from cvelistv5 – Published: 2025-10-30 09:45 – Updated: 2025-10-30 13:59
VLAI?
Title
NeuVector is shipping cryptographic material into its binary
Summary
NeuVector used a hard-coded cryptographic key embedded in the source
code. At compilation time, the key value was replaced with the secret
key value and used to encrypt sensitive configurations when NeuVector
stores the data.
Severity ?
6.5 (Medium)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54471",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T13:59:48.001541Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T13:59:54.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NeuVector used a hard-coded cryptographic key embedded in the source \ncode. At compilation time, the key value was replaced with the secret \nkey value and used to encrypt sensitive configurations when NeuVector \nstores the data.\u003cbr\u003e"
}
],
"value": "NeuVector used a hard-coded cryptographic key embedded in the source \ncode. At compilation time, the key value was replaced with the secret \nkey value and used to encrypt sensitive configurations when NeuVector \nstores the data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:45:56.931Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54471"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-h773-7gf7-9m2x"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector is shipping cryptographic material into its binary",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54471",
"datePublished": "2025-10-30T09:45:56.931Z",
"dateReserved": "2025-07-23T08:11:16.426Z",
"dateUpdated": "2025-10-30T13:59:54.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54469 (GCVE-0-2025-54469)
Vulnerability from cvelistv5 – Published: 2025-10-30 09:41 – Updated: 2025-10-31 03:55
VLAI?
Title
NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Summary
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values.
The entry process of the enforcer container is the monitor
process. When the enforcer container stops, the monitor process checks
whether the consul subprocess has exited. To perform this check, the
monitor process uses the popen function to execute a shell command that determines whether the ports used by the consul subprocess are still active.
The values of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT
are used directly to compose shell commands via popen without
validation or sanitization. This behavior could allow a malicious user
to inject malicious commands through these variables within the enforcer
container.
Severity ?
9.9 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T03:55:27.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.3.5",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability was identified in NeuVector, where the enforcer used environment variables \u003ccode\u003eCLUSTER_RPC_PORT\u003c/code\u003e and \u003ccode\u003eCLUSTER_LAN_PORT\u003c/code\u003e to generate a command to be executed via \u003ccode\u003epopen\u003c/code\u003e, without first sanitising their values.\u003c/p\u003e\n\u003cp\u003eThe entry process of the enforcer container is the monitor\n process. When the enforcer container stops, the monitor process checks \nwhether the consul subprocess has exited. To perform this check, the \nmonitor process uses the \u003ccode\u003epopen\u003c/code\u003e function to execute a shell command that determines whether the ports used by the consul subprocess are still active.\u003c/p\u003e\n\u003cp\u003eThe values of environment variables \u003ccode\u003eCLUSTER_RPC_PORT\u003c/code\u003e and \u003ccode\u003eCLUSTER_LAN_PORT\u003c/code\u003e\n are used directly to compose shell commands via popen without \nvalidation or sanitization. This behavior could allow a malicious user \nto inject malicious commands through these variables within the enforcer\n container.\u003c/p\u003e"
}
],
"value": "A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values.\n\n\nThe entry process of the enforcer container is the monitor\n process. When the enforcer container stops, the monitor process checks \nwhether the consul subprocess has exited. To perform this check, the \nmonitor process uses the popen function to execute a shell command that determines whether the ports used by the consul subprocess are still active.\n\n\nThe values of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT\n are used directly to compose shell commands via popen without \nvalidation or sanitization. This behavior could allow a malicious user \nto inject malicious commands through these variables within the enforcer\n container."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:44:09.453Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54469"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-c8g6-qrwh-m3vp"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54469",
"datePublished": "2025-10-30T09:41:57.086Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-10-31T03:55:27.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54470 (GCVE-0-2025-54470)
Vulnerability from cvelistv5 – Published: 2025-10-30 09:38 – Updated: 2025-10-30 14:01
VLAI?
Title
NeuVector telemetry sender is vulnerable to MITM and DoS
Summary
This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.
In affected versions, NeuVector does not enforce TLS
certificate verification when transmitting anonymous cluster data to the
telemetry server. As a result, the communication channel is susceptible
to man-in-the-middle (MITM) attacks, where an attacker could intercept
or modify the transmitted data. Additionally, NeuVector loads the
response of the telemetry server is loaded into memory without size
limitation, which makes it vulnerable to a Denial of Service(DoS)
attack
Severity ?
8.6 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T14:00:57.006132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T14:01:08.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "https://github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.3.5",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis vulnerability affects NeuVector deployments only when the \u003ccode\u003eReport anonymous cluster data option\u003c/code\u003e is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.\u003c/p\u003e\n\u003cp\u003eIn affected versions, NeuVector does not enforce TLS \ncertificate verification when transmitting anonymous cluster data to the\n telemetry server. As a result, the communication channel is susceptible\n to man-in-the-middle (MITM) attacks, where an attacker could intercept \nor modify the transmitted data. Additionally, NeuVector loads the \nresponse of the telemetry server is loaded into memory without size \nlimitation, which makes it vulnerable to a Denial of Service(DoS) \nattack\u003c/p\u003e"
}
],
"value": "This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.\n\n\nIn affected versions, NeuVector does not enforce TLS \ncertificate verification when transmitting anonymous cluster data to the\n telemetry server. As a result, the communication channel is susceptible\n to man-in-the-middle (MITM) attacks, where an attacker could intercept \nor modify the transmitted data. Additionally, NeuVector loads the \nresponse of the telemetry server is loaded into memory without size \nlimitation, which makes it vulnerable to a Denial of Service(DoS) \nattack"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:38:58.261Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54470"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-qqj3-g7mx-5p4w"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector telemetry sender is vulnerable to MITM and DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54470",
"datePublished": "2025-10-30T09:38:58.261Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-10-30T14:01:08.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-58269 (GCVE-0-2024-58269)
Vulnerability from cvelistv5 – Published: 2025-10-29 14:58 – Updated: 2025-10-29 15:10
VLAI?
Title
Rancher exposes sensitive information through audit logs
Summary
A vulnerability has been identified in Rancher Manager, where sensitive
information, including secret data, cluster import URLs, and
registration tokens, is exposed to any entity with access to Rancher
audit logs.
Severity ?
4.3 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-58269",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-29T15:09:03.657329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T15:10:05.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/rancher/rancher",
"product": "rancher",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.0.0-20251013203444-50dc516a19ea",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-24T13:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability has been identified in Rancher Manager, where sensitive \ninformation, including secret data, cluster import URLs, and \nregistration tokens, is exposed to any entity with access to Rancher \naudit logs."
}
],
"value": "A vulnerability has been identified in Rancher Manager, where sensitive \ninformation, including secret data, cluster import URLs, and \nregistration tokens, is exposed to any entity with access to Rancher \naudit logs."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T14:58:06.640Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58269"
},
{
"url": "https://github.com/rancher/rancher/security/advisories/GHSA-mw39-9qc2-f7mg"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rancher exposes sensitive information through audit logs",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2024-58269",
"datePublished": "2025-10-29T14:58:06.640Z",
"dateReserved": "2025-10-08T13:43:38.712Z",
"dateUpdated": "2025-10-29T15:10:05.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-32199 (GCVE-0-2023-32199)
Vulnerability from cvelistv5 – Published: 2025-10-29 14:54 – Updated: 2025-10-29 15:26
VLAI?
Title
Rancher user retains access to clusters despite Global Role removal
Summary
A vulnerability has been identified within Rancher
Manager, where after removing a custom GlobalRole that gives
administrative access or the corresponding binding, the user still
retains access to clusters. This only affects custom Global Roles that have a * on * in * rule for resources or have a * on * rule for non-resource URLs
Severity ?
4.3 (Medium)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32199",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-29T15:13:25.439463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T15:26:02.274Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/rancher/rancher",
"product": "rancher",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.0.0-20251014212116-7faa74a968c2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-24T13:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability has been identified within Rancher \nManager, where after removing a custom GlobalRole that gives \nadministrative access or the corresponding binding, the user still \nretains access to clusters.\u0026nbsp;This only affects custom Global Roles that\u0026nbsp;have a \u003ccode\u003e*\u003c/code\u003e on \u003ccode\u003e*\u003c/code\u003e in \u003ccode\u003e*\u003c/code\u003e rule for resources or have a \u003ccode\u003e*\u003c/code\u003e on \u003ccode\u003e*\u003c/code\u003e rule for non-resource URLs\u003c/p\u003e"
}
],
"value": "A vulnerability has been identified within Rancher \nManager, where after removing a custom GlobalRole that gives \nadministrative access or the corresponding binding, the user still \nretains access to clusters.\u00a0This only affects custom Global Roles that\u00a0have a * on * in * rule for resources or have a * on * rule for non-resource URLs"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T14:57:27.222Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32199"
},
{
"url": "https://github.com/rancher/rancher/security/advisories/GHSA-j4vr-pcmw-hx59"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rancher user retains access to clusters despite Global Role removal",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2023-32199",
"datePublished": "2025-10-29T14:54:04.162Z",
"dateReserved": "2023-05-04T08:30:59.323Z",
"dateUpdated": "2025-10-29T15:26:02.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53881 (GCVE-0-2025-53881)
Vulnerability from cvelistv5 – Published: 2025-10-02 13:51 – Updated: 2025-10-02 17:38
VLAI?
Title
SUSE-specific logrotate configuration allows escalation from mail user/group to root
Summary
A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1.
Severity ?
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| openSUSE | Tumbleweed |
Affected:
? , < 4.98.2-lp156.248.1
(semver)
|
Credits
Matthias Gerstner of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T17:15:08.115894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T17:38:57.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "exim",
"product": "Tumbleweed",
"vendor": "openSUSE",
"versions": [
{
"lessThan": "4.98.2-lp156.248.1",
"status": "affected",
"version": "?",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner of SUSE"
}
],
"datePublic": "2025-09-26T04:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.\u003cp\u003eThis issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1.\u003c/p\u003e"
}
],
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T13:51:56.848Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53881"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "SUSE-specific logrotate configuration allows escalation from mail user/group to root",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-53881",
"datePublished": "2025-10-02T13:51:56.848Z",
"dateReserved": "2025-07-11T10:53:52.681Z",
"dateUpdated": "2025-10-02T17:38:57.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-58260 (GCVE-0-2024-58260)
Vulnerability from cvelistv5 – Published: 2025-10-02 12:09 – Updated: 2025-10-02 15:52
VLAI?
Title
Rancher update on users can deny the service to the admin
Summary
A vulnerability has been identified within Rancher Manager where a missing server-side validation on the `.username` field in Rancher can allow users with update permissions on other User resources to cause denial of access for targeted accounts.
Severity ?
7.6 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-58260",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T15:15:54.345379Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T15:52:35.703Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/rancher/rancher",
"product": "rancher",
"vendor": "SUSE",
"versions": [
{
"lessThan": "2.12.2",
"status": "affected",
"version": "2.12.0",
"versionType": "semver"
},
{
"lessThan": "2.11.6",
"status": "affected",
"version": "2.11.0",
"versionType": "semver"
},
{
"lessThan": "2.10.10",
"status": "affected",
"version": "2.10.0",
"versionType": "semver"
},
{
"lessThan": "2.9.12",
"status": "affected",
"version": "2.9.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-09-26T11:02:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability has been identified within Rancher Manager where a missing server-side validation on the `.username` field in Rancher can allow users with update permissions on other User resources to cause denial of access for targeted accounts."
}
],
"value": "A vulnerability has been identified within Rancher Manager where a missing server-side validation on the `.username` field in Rancher can allow users with update permissions on other User resources to cause denial of access for targeted accounts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T12:09:46.203Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58260"
},
{
"url": "https://github.com/rancher/rancher/security/advisories/GHSA-q82v-h4rq-5c86"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rancher update on users can deny the service to the admin",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2024-58260",
"datePublished": "2025-10-02T12:09:46.203Z",
"dateReserved": "2025-07-23T08:10:38.954Z",
"dateUpdated": "2025-10-02T15:52:35.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-58267 (GCVE-0-2024-58267)
Vulnerability from cvelistv5 – Published: 2025-10-02 12:08 – Updated: 2025-10-03 03:55
VLAI?
Title
Rancher CLI SAML authentication is vulnerable to phishing attacks
Summary
A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher’s authentication tokens.
Severity ?
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-58267",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-03T03:55:35.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/rancher/rancher",
"product": "rancher",
"vendor": "SUSE",
"versions": [
{
"lessThan": "2.12.2",
"status": "affected",
"version": "2.12.0",
"versionType": "semver"
},
{
"lessThan": "2.11.6",
"status": "affected",
"version": "2.11.0",
"versionType": "semver"
},
{
"lessThan": "2.10.10",
"status": "affected",
"version": "2.10.0",
"versionType": "semver"
},
{
"lessThan": "2.9.12",
"status": "affected",
"version": "2.9.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-09-26T11:02:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher\u2019s authentication tokens."
}
],
"value": "A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher\u2019s authentication tokens."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T12:08:30.507Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58267"
},
{
"url": "https://github.com/rancher/rancher/security/advisories/GHSA-v3vj-5868-2ch2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rancher CLI SAML authentication is vulnerable to phishing attacks",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2024-58267",
"datePublished": "2025-10-02T12:08:30.507Z",
"dateReserved": "2025-09-04T04:04:22.186Z",
"dateUpdated": "2025-10-03T03:55:35.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54468 (GCVE-0-2025-54468)
Vulnerability from cvelistv5 – Published: 2025-10-02 10:00 – Updated: 2025-10-02 14:10
VLAI?
Title
Rancher sends sensitive information to external services through the `/meta/proxy` endpoint
Summary
A vulnerability has been identified within Rancher Manager whereby `Impersonate-Extra-*` headers are being sent to an external entity, for example `amazonaws.com`, via the `/meta/proxy` Rancher endpoint. These headers may contain identifiable and/or sensitive information e.g. email addresses.
Severity ?
4.7 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-02T14:10:09.289102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T14:10:23.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/rancher/rancher",
"product": "rancher",
"vendor": "SUSE",
"versions": [
{
"lessThan": "2.12.2",
"status": "affected",
"version": "2.12.0",
"versionType": "semver"
},
{
"lessThan": "2.11.6",
"status": "affected",
"version": "2.11.0",
"versionType": "semver"
},
{
"lessThan": "2.10.10",
"status": "affected",
"version": "2.10.0",
"versionType": "semver"
},
{
"lessThan": "2.9.12",
"status": "affected",
"version": "2.9.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-09-26T11:02:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability has been identified within Rancher Manager whereby `Impersonate-Extra-*` headers are being sent to an external entity, for example `amazonaws.com`, via the `/meta/proxy` Rancher endpoint. These headers may contain identifiable and/or sensitive information e.g. email addresses."
}
],
"value": "A vulnerability has been identified within Rancher Manager whereby `Impersonate-Extra-*` headers are being sent to an external entity, for example `amazonaws.com`, via the `/meta/proxy` Rancher endpoint. These headers may contain identifiable and/or sensitive information e.g. email addresses."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-02T10:00:18.538Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54468"
},
{
"url": "https://github.com/rancher/rancher/security/advisories/GHSA-mjcp-rj3c-36fr"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rancher sends sensitive information to external services through the `/meta/proxy` endpoint",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54468",
"datePublished": "2025-10-02T10:00:18.538Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-10-02T14:10:23.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8077 (GCVE-0-2025-8077)
Vulnerability from cvelistv5 – Published: 2025-09-17 12:33 – Updated: 2025-09-18 03:55
VLAI?
Title
NeuVector admin account has insecure default password
Summary
A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs.
Severity ?
9.8 (Critical)
CWE
- CWE-1393 - Use of Default Password
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8077",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T03:55:12.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-28T11:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs."
}
],
"value": "A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "CWE-1393: Use of Default Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:33:37.904Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-8077"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-8pxw-9c75-6w56"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector admin account has insecure default password",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-8077",
"datePublished": "2025-09-17T12:33:37.904Z",
"dateReserved": "2025-07-23T08:11:06.216Z",
"dateUpdated": "2025-09-18T03:55:12.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54467 (GCVE-0-2025-54467)
Vulnerability from cvelistv5 – Published: 2025-09-17 12:29 – Updated: 2025-09-17 13:19
VLAI?
Title
NeuVector process with sensitive arguments lead to leakage
Summary
When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will appear in the NeuVector security event log.
Severity ?
5.3 (Medium)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:19:50.489206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:19:59.410Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-28T11:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will\u0026nbsp;appear in the NeuVector security event log."
}
],
"value": "When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will\u00a0appear in the NeuVector security event log."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:32:01.726Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54467"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-w54x-xfxg-4gxq"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector process with sensitive arguments lead to leakage",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54467",
"datePublished": "2025-09-17T12:29:36.480Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-09-17T13:19:59.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53884 (GCVE-0-2025-53884)
Vulnerability from cvelistv5 – Published: 2025-09-17 12:27 – Updated: 2025-09-17 13:24
VLAI?
Title
NeuVector has an insecure password storage vulnerable to rainbow attack
Summary
NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed).
Severity ?
5.3 (Medium)
CWE
- CWE-759 - Use of a One-Way Hash without a Salt
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:23:56.456330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:24:19.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-26T16:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed)."
}
],
"value": "NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-759",
"description": "CWE-759: Use of a One-Way Hash without a Salt",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:27:03.128Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53884"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-8ff6-pc43-jwv3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector has an insecure password storage vulnerable to rainbow attack",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-53884",
"datePublished": "2025-09-17T12:27:03.128Z",
"dateReserved": "2025-07-11T10:53:52.682Z",
"dateUpdated": "2025-09-17T13:24:19.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-58259 (GCVE-0-2024-58259)
Vulnerability from cvelistv5 – Published: 2025-09-02 11:53 – Updated: 2025-09-02 13:28
VLAI?
Title
Rancher affected by unauthenticated Denial of Service
Summary
A vulnerability has been identified within Rancher Manager in which it
did not enforce request body size limits on certain public
(unauthenticated) and authenticated API endpoints. This allows a
malicious user to exploit this by sending excessively large payloads,
which are fully loaded into memory during processing, leading to Denial of Service (DoS).
Severity ?
8.2 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-58259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T13:28:09.503702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T13:28:15.865Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/rancher/rancher",
"product": "rancher",
"vendor": "SUSE",
"versions": [
{
"lessThan": "2.12.1",
"status": "affected",
"version": "2.12.0",
"versionType": "semver"
},
{
"lessThan": "2.11.5",
"status": "affected",
"version": "2.11.0",
"versionType": "semver"
},
{
"lessThan": "2.10.9",
"status": "affected",
"version": "2.10.0",
"versionType": "semver"
},
{
"lessThan": "2.9.11",
"status": "affected",
"version": "2.9.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20250813072957-aee95d4e2a41",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-29T13:38:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability has been identified within Rancher Manager in which it \ndid not enforce request body size limits on certain public \n(unauthenticated) and authenticated API endpoints. This allows a \nmalicious user to exploit this by sending excessively large payloads, \nwhich are fully loaded into memory during processing, leading to\u0026nbsp;Denial of Service (DoS)."
}
],
"value": "A vulnerability has been identified within Rancher Manager in which it \ndid not enforce request body size limits on certain public \n(unauthenticated) and authenticated API endpoints. This allows a \nmalicious user to exploit this by sending excessively large payloads, \nwhich are fully loaded into memory during processing, leading to\u00a0Denial of Service (DoS)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T11:54:30.959Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-58259"
},
{
"url": "https://github.com/rancher/rancher/security/advisories/GHSA-4h45-jpvh-6p5j"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rancher affected by unauthenticated Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2024-58259",
"datePublished": "2025-09-02T11:53:03.928Z",
"dateReserved": "2025-07-23T08:10:38.954Z",
"dateUpdated": "2025-09-02T13:28:15.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52284 (GCVE-0-2024-52284)
Vulnerability from cvelistv5 – Published: 2025-09-02 11:49 – Updated: 2025-09-02 13:31
VLAI?
Title
Rancher Fleet Helm Values are stored inside BundleDeployment in plain text
Summary
Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets.
Severity ?
7.7 (High)
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52284",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T13:31:45.987374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T13:31:49.988Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/rancher/fleet",
"product": "Rancher",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.13.1-0.20250806151509-088bcbea7edb",
"status": "affected",
"version": "0.13.0",
"versionType": "semver"
},
{
"lessThan": "0.12.6",
"status": "affected",
"version": "0.12.0",
"versionType": "semver"
},
{
"lessThan": "0.11.10",
"status": "affected",
"version": "0.11.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-29T12:31:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets."
}
],
"value": "Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312: Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T11:50:55.874Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-52284"
},
{
"url": "https://github.com/advisories/GHSA-6h9x-9j5v-7w9h"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rancher Fleet Helm Values are stored inside BundleDeployment in plain text",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2024-52284",
"datePublished": "2025-09-02T11:49:49.379Z",
"dateReserved": "2024-11-06T12:19:57.723Z",
"dateUpdated": "2025-09-02T13:31:49.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46810 (GCVE-0-2025-46810)
Vulnerability from cvelistv5 – Published: 2025-09-02 11:34 – Updated: 2025-09-03 03:55
VLAI?
Summary
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate to root. This issue affects Tumbleweed: from ? before 2.11.29.
Severity ?
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| openSUSE | Tumbleweed |
Affected:
? , < 2.11.29
(semver)
|
Credits
Johannes Segitz of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46810",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T03:55:31.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "traefik2",
"product": "Tumbleweed",
"vendor": "openSUSE",
"versions": [
{
"lessThan": "2.11.29",
"status": "affected",
"version": "?",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Johannes Segitz of SUSE"
}
],
"datePublic": "2025-08-30T03:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate to root.\u0026nbsp;\u003cp\u003eThis issue affects Tumbleweed: from ? before 2.11.29.\u003c/p\u003e"
}
],
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate to root.\u00a0This issue affects Tumbleweed: from ? before 2.11.29."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T11:35:54.497Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1245204"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-46810",
"datePublished": "2025-09-02T11:34:32.138Z",
"dateReserved": "2025-04-30T11:28:04.728Z",
"dateUpdated": "2025-09-03T03:55:31.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46809 (GCVE-0-2025-46809)
Vulnerability from cvelistv5 – Published: 2025-07-31 15:24 – Updated: 2025-09-03 07:12
VLAI?
Title
Multi Linux Manager epxoses the plain text HTTP Proxy user:password in logs
Summary
A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1: from ? before 5.0.14-150600.4.17.1; Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.14-150600.4.17.1; Image SLES15-SP4-Manager-Proxy-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; SUSE Manager Proxy Module 4.3: from ? before 4.3.33-150400.3.55.2; SUSE Manager Server Module 4.3: from ? before 4.3.33-150400.3.55.2.
Severity ?
5.7 (Medium)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SUSE | Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1 |
Affected:
? , < 4.3.33-150400.3.55.2
(custom)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Oscar Barrios of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46809",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-31T20:08:05.402246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T20:08:17.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.0.14-150600.4.17.1",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.0.14-150600.4.17.1",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Image SLES15-SP4-Manager-Proxy-4-3-BYOS",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Image SLES15-SP4-Manager-Server-4-3-BYOS",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "SUSE Manager Proxy Module 4.3",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-backend",
"product": "SUSE Manager Server Module 4.3",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.33-150400.3.55.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Oscar Barrios of SUSE"
}
],
"datePublic": "2025-07-23T12:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files.\u0026nbsp;\u003cp\u003eThis issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1: from ? before 5.0.14-150600.4.17.1; Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.14-150600.4.17.1; Image SLES15-SP4-Manager-Proxy-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; SUSE Manager Proxy Module 4.3: from ? before 4.3.33-150400.3.55.2; SUSE Manager Server Module 4.3: from ? before 4.3.33-150400.3.55.2.\u003c/p\u003e"
}
],
"value": "A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files.\u00a0This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1: from ? before 5.0.14-150600.4.17.1; Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.14-150600.4.17.1; Image SLES15-SP4-Manager-Proxy-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; SUSE Manager Proxy Module 4.3: from ? before 4.3.33-150400.3.55.2; SUSE Manager Server Module 4.3: from ? before 4.3.33-150400.3.55.2."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256: Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T07:12:41.584Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46809"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Multi Linux Manager epxoses the plain text HTTP Proxy user:password in logs",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-46809",
"datePublished": "2025-07-31T15:24:41.890Z",
"dateReserved": "2025-04-30T11:28:04.728Z",
"dateUpdated": "2025-09-03T07:12:41.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46811 (GCVE-0-2025-46811)
Vulnerability from cvelistv5 – Published: 2025-07-30 14:20 – Updated: 2025-09-03 07:03
VLAI?
Title
SUSE Multi Linux Manager allows code execution via unprotected websocket endpoint
Summary
A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able to run any command as root on any client. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2.
Severity ?
9.8 (Critical)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SUSE | Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1 |
Affected:
? , < 5.0.27-150600.3.33.1
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Credits
Simon Holl (MindBytes)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46811",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-02T03:55:50.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-java",
"product": "Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.0.27-150600.3.33.1",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-java",
"product": "Image SLES15-SP4-Manager-Server-4-3-BYOS",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.87-150400.3.110.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-java",
"product": "Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.87-150400.3.110.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-java",
"product": "Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.87-150400.3.110.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-java",
"product": "Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.87-150400.3.110.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "spacewalk-java",
"product": "SUSE Manager Server Module 4.3",
"vendor": "SUSE",
"versions": [
{
"lessThan": "4.3.87-150400.3.110.2",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Simon Holl (MindBytes)"
}
],
"datePublic": "2025-07-23T12:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able to run any command as root on any client.\u0026nbsp;\u003cp\u003eThis issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2.\u003c/p\u003e"
}
],
"value": "A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able to run any command as root on any client.\u00a0This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T07:03:41.669Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46811"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SUSE Multi Linux Manager allows code execution via unprotected websocket endpoint",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-46811",
"datePublished": "2025-07-30T14:20:53.828Z",
"dateReserved": "2025-04-30T11:28:04.729Z",
"dateUpdated": "2025-09-03T07:03:41.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53882 (GCVE-0-2025-53882)
Vulnerability from cvelistv5 – Published: 2025-07-23 09:31 – Updated: 2025-09-03 07:23
VLAI?
Title
The logrotate configuration in the python-mailman of openSUSE allows the mailman user to sent SIGHUP to arbitrary proceess
Summary
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate configuration for openSUSE mailman3 package allows the mailman user to sent SIGHUP to arbitrary processes. This issue affects openSUSE Tumbleweed: from ? before 3.3.10-2.1.
Severity ?
4.4 (Medium)
CWE
- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SUSE | openSUSE Tumbleweed |
Affected:
? , < 3.3.10-2.1
(custom)
|
Credits
Matthias Gerstner of SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53882",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-29T03:55:20.012924Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T18:47:59.147Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "mailman3",
"product": "openSUSE Tumbleweed",
"vendor": "SUSE",
"versions": [
{
"lessThan": "3.3.10-2.1",
"status": "affected",
"version": "?",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner of SUSE"
}
],
"datePublic": "2025-07-15T10:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate configuration for openSUSE mailman3 package allows the mailman user to sent SIGHUP to arbitrary processes.\u0026nbsp;\u003cp\u003eThis issue affects openSUSE Tumbleweed: from ? before 3.3.10-2.1.\u003c/p\u003e"
}
],
"value": "A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate configuration for openSUSE mailman3 package allows the mailman user to sent SIGHUP to arbitrary processes.\u00a0This issue affects openSUSE Tumbleweed: from ? before 3.3.10-2.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T07:23:06.351Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53882"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "The logrotate configuration in the python-mailman of openSUSE allows the mailman user to sent SIGHUP to arbitrary proceess",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-53882",
"datePublished": "2025-07-23T09:31:18.547Z",
"dateReserved": "2025-07-11T10:53:52.681Z",
"dateUpdated": "2025-09-03T07:23:06.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46806 (GCVE-0-2025-46806)
Vulnerability from cvelistv5 – Published: 2025-06-02 12:11 – Updated: 2025-06-02 16:27
VLAI?
Title
Misaligned Memory Accesses in `is_openvpn_protocol()`
Summary
A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4.
Severity ?
CWE
- CWE-823 - Use of Out-of-range Pointer Offset
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| https://github.com/yrutschle/sslh/releases/tag/v2.2.4 | sslh |
Affected:
? , < 2.2.4
(semver)
|
Credits
Matthias Gerstner, SUSE
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46806",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T16:26:29.067082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T16:27:11.300Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "sslh",
"vendor": "https://github.com/yrutschle/sslh/releases/tag/v2.2.4",
"versions": [
{
"lessThan": "2.2.4",
"status": "affected",
"version": "?",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthias Gerstner, SUSE"
}
],
"datePublic": "2025-06-02T06:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.\u003cp\u003eThis issue affects sslh before 2.2.4.\u003c/p\u003e"
}
],
"value": "A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-823",
"description": "CWE-823: Use of Out-of-range Pointer Offset",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T12:11:20.267Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://github.com/yrutschle/sslh/releases/tag/v2.2.4"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46806"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Misaligned Memory Accesses in `is_openvpn_protocol()`",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-46806",
"datePublished": "2025-06-02T12:11:20.267Z",
"dateReserved": "2025-04-30T11:28:04.728Z",
"dateUpdated": "2025-06-02T16:27:11.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}