Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Red Hat OpenShift sandboxed containers 1.1 by Red Hat

    CVE-2025-8941 (GCVE-0-2025-8941)

    Vulnerability from nvd – Published: 2025-08-13 14:42 – Updated: 2026-02-26 17:48
    VLAI
    Title
    Linux-pam: incomplete fix for cve-2025-6020
    Summary
    A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2025:14557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15099 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15100 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15101 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15102 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15103 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15104 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15105 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15106 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15107 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15709 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15827 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15828 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:16524 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:17181 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18219 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:21885 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-8941 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2388220 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.1.8-23.el7_9.2 , < * (rpm)
        cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-38.el8_10 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.3.1-8.el8_2.2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.3.1-14.el8_4.2 , < * (rpm)
        cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.3.1-14.el8_4.2 , < * (rpm)
        cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.3.1-16.el8_6.3 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
        cpe:/o:redhat:rhel_aus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.3.1-16.el8_6.3 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
        cpe:/o:redhat:rhel_aus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.3.1-16.el8_6.3 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
        cpe:/o:redhat:rhel_aus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.3.1-26.el8_8.2 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.3.1-26.el8_8.2 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-26.el9_6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.5.1-9.el9_0.3 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.0::appstream
        cpe:/o:redhat:rhel_e4s:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.5.1-15.el9_2.2 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.2::appstream
        cpe:/o:redhat:rhel_e4s:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.5.1-24.el9_4.1 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.4::baseos
        cpe:/a:redhat:rhel_eus:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-19 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-8 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.12 on RHEL 9 Unaffected: 1.12-4 , < * (rpm)
        cpe:/a:redhat:webterminal:1.12::el9
    Create a notification for this product.
    Red Hat cert-manager operator for Red Hat OpenShift 1.16 Unaffected: sha256:330e8b5ab4841a21f8f5f23cc7fb192197872f11639b12bf4b1e70831f636323 , < * (rpm)
        cpe:/a:redhat:cert_manager:1.16::el9
    Create a notification for this product.
    Red Hat Compliance Operator 1 Unaffected: sha256:c953e9f9abf9cf25bf65bb3ffdc86ccf49b3e69a1cf3fbb47b6972e421fd6628 , < * (rpm)
        cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Discovery 2 Unaffected: sha256:c85cfbcaf7888885e57596b7b8bde3894718cfc33326499b24961a66a62cf083 , < * (rpm)
        cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Insights proxy 1.5 Unaffected: sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea , < * (rpm)
        cpe:/a:redhat:insights_proxy:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:24722900db1425bf0c27f6ad6f3fb7d79ff9ebc433bdab58423fa71bab76122b , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:f5e1602d72177d77f1b879c76e6f6cfbc2979c136c06ca9f03ea97ffb369b7a6 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:cead623ceda4048cabaa81c371ed2a8143f5c5514276fca1d71685bd9e6d1e65 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Date Public
    2025-08-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-8941",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-14T03:56:02.437686Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:48:41.074Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/linux-pam/linux-pam",
              "defaultStatus": "unaffected",
              "packageName": "linux-pam"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:7"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.8-23.el7_9.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-38.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-8.el8_2.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-14.el8_4.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-14.el8_4.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos",
                "cpe:/o:redhat:rhel_aus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos",
                "cpe:/o:redhat:rhel_aus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos",
                "cpe:/o:redhat:rhel_aus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-26.el8_8.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-26.el8_8.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-26.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-26.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.0::appstream",
                "cpe:/o:redhat:rhel_e4s:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-9.el9_0.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.2::appstream",
                "cpe:/o:redhat:rhel_e4s:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-15.el9_2.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.4::baseos",
                "cpe:/a:redhat:rhel_eus:9.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-24.el9_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-rhel9-operator",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.12::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.12 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.12-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:cert_manager:1.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "cert-manager/jetstack-cert-manager-rhel9",
              "product": "cert-manager operator for Red Hat OpenShift 1.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:330e8b5ab4841a21f8f5f23cc7fb192197872f11639b12bf4b1e70831f636323",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-openscap-rhel8",
              "product": "Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:c953e9f9abf9cf25bf65bb3ffdc86ccf49b3e69a1cf3fbb47b6972e421fd6628",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:c85cfbcaf7888885e57596b7b8bde3894718cfc33326499b24961a66a62cf083",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:insights_proxy:1.5::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "insights-proxy/insights-proxy-container-rhel9",
              "product": "Red Hat Insights proxy 1.5",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:24722900db1425bf0c27f6ad6f3fb7d79ff9ebc433bdab58423fa71bab76122b",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:f5e1602d72177d77f1b879c76e6f6cfbc2979c136c06ca9f03ea97ffb369b7a6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-builder-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:cead623ceda4048cabaa81c371ed2a8143f5c5514276fca1d71685bd9e6d1e65",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-payload-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2025-08-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a \"complete\" fix for CVE-2025-6020."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-10T20:56:35.028Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:14557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14557"
            },
            {
              "name": "RHSA-2025:15099",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15099"
            },
            {
              "name": "RHSA-2025:15100",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15100"
            },
            {
              "name": "RHSA-2025:15101",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15101"
            },
            {
              "name": "RHSA-2025:15102",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15102"
            },
            {
              "name": "RHSA-2025:15103",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15103"
            },
            {
              "name": "RHSA-2025:15104",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15104"
            },
            {
              "name": "RHSA-2025:15105",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15105"
            },
            {
              "name": "RHSA-2025:15106",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15106"
            },
            {
              "name": "RHSA-2025:15107",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15107"
            },
            {
              "name": "RHSA-2025:15709",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15709"
            },
            {
              "name": "RHSA-2025:15827",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15827"
            },
            {
              "name": "RHSA-2025:15828",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15828"
            },
            {
              "name": "RHSA-2025:16524",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:16524"
            },
            {
              "name": "RHSA-2025:17181",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17181"
            },
            {
              "name": "RHSA-2025:18219",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18219"
            },
            {
              "name": "RHSA-2025:21885",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21885"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-8941"
            },
            {
              "name": "RHBZ#2388220",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388220"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-08-13T12:11:55.270Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-08-13T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Linux-pam: incomplete fix for cve-2025-6020",
          "workarounds": [
            {
              "lang": "en",
              "value": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-8941",
        "datePublished": "2025-08-13T14:42:37.570Z",
        "dateReserved": "2025-08-13T12:24:47.522Z",
        "dateUpdated": "2026-02-26T17:48:41.074Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-6020 (GCVE-0-2025-6020)

    Vulnerability from nvd – Published: 2025-06-17 12:44 – Updated: 2026-06-30 10:40
    VLAI
    Title
    Linux-pam: linux-pam directory traversal
    Summary
    A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2025:10024 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10027 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10180 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10354 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10357 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10358 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10359 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10362 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10735 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10823 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:11386 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:11487 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15099 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15709 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15827 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15828 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:16524 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:17181 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18219 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:20181 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:21885 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:22019 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:9526 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:0934 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-6020 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2372512 issue-trackingx_refsource_REDHAT
    https://github.com/linux-pam/linux-pam/security/a…
    http://www.openwall.com/lists/oss-security/2025/06/17/1
    https://lists.debian.org/debian-lts-announce/2025…
    https://cert-portal.siemens.com/productcert/html/…
    Impacted products
    Vendor Product Version
    Affected: 0 , < 1.7.1 (semver)
    Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:1.6.1-8.el10 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:10.1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10.0 Extended Update Support Unaffected: 0:1.6.1-8.el10_0 , < * (rpm)
        cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.1.8-23.el7_9.1 , < * (rpm)
        cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-37.el8_10 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-38.el8_10 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.3.1-8.el8_2.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.3.1-14.el8_4.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.3.1-16.el8_6.2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.3.1-16.el8_6.2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.3.1-16.el8_6.2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.3.1-26.el8_8.1 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.3.1-26.el8_8.1 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-26.el9_6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-25.el9_6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.5.1-9.el9_0.2 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.0::appstream
        cpe:/o:redhat:rhel_e4s:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.5.1-15.el9_2.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.2::appstream
        cpe:/o:redhat:rhel_e4s:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.5.1-24.el9_4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.4::appstream
        cpe:/o:redhat:rhel_eus:9.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-19 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-8 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.12 on RHEL 9 Unaffected: 1.12-4 , < * (rpm)
        cpe:/a:redhat:webterminal:1.12::el9
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752066672 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752065732 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-3.1752065737 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752065731 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-25 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752065736 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-2.1752065733 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752065755 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-11 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-10 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-4 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-9 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-12 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-18 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-7 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat cert-manager operator for Red Hat OpenShift 1.16 Unaffected: v1.16.5-1760515757 , < * (rpm)
        cpe:/a:redhat:cert_manager:1.16::el9
    Create a notification for this product.
    Red Hat OpenShift Compliance Operator 1 Unaffected: 1.8.0 , < * (rpm)
        cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Discovery 2 Unaffected: 2.0.0-1752592913 , < * (rpm)
        cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Discovery 2 Unaffected: 2.2.1-1758555934 , < * (rpm)
        cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Insights proxy 1.5 Unaffected: 1.5.7-1759331989 , < * (rpm)
        cpe:/a:redhat:insights_proxy:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752046452 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752046437 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752046439 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070865 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070873 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1751993590 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070827 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070833 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070866 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422110 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421804 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421879 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422401 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Siemens RUGGEDCOM ROX MX5000 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX MX5000RE Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1400 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1500 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1501 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1510 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1511 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1512 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1524 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1536 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX5000 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Date Public
    2025-06-17 00:00
    Credits
    Red Hat would like to thank Olivier BAL-PETRE (ANSSI - French Cybersecurity Agency) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6020",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-17T13:30:00.379966Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-18T14:14:28.136Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T18:13:57.307Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/06/17/1"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX MX5000",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX MX5000RE",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1400",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1500",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1501",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1510",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1511",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1512",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1524",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1536",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX5000",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T12:02:28.144Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-577017.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/linux-pam/linux-pam",
              "defaultStatus": "unaffected",
              "packageName": "linux-pam",
              "versions": [
                {
                  "lessThan": "1.7.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10.1"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.6.1-8.el10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux_eus:10.0"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 10.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.6.1-8.el10_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:7"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.8-23.el7_9.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-37.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-38.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-8.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-14.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-26.el8_8.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-26.el8_8.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-26.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-25.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-26.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-25.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.0::appstream",
                "cpe:/o:redhat:rhel_e4s:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-9.el9_0.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.2::appstream",
                "cpe:/o:redhat:rhel_e4s:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-15.el9_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.4::appstream",
                "cpe:/o:redhat:rhel_eus:9.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-24.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-rhel9-operator",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.12::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.12 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.12-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-businesscentral-monitoring-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752066672",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-businesscentral-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065732",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-controller-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065732",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-dashbuilder-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-3.1752065737",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-kieserver-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065731",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-operator-bundle",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-25",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-process-migration-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065736",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-rhel8-operator",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-2.1752065733",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-smartrouter-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065755",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-data-index-ephemeral-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-data-index-postgresql-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-db-migrator-tool-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-management-console-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-operator-bundle",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-12",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-rhel8-operator",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-18",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-swf-builder-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-swf-devmode-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:cert_manager:1.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "cert-manager/jetstack-cert-manager-rhel9",
              "product": "cert-manager operator for Red Hat OpenShift 1.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.16.5-1760515757",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-openscap-rhel8",
              "product": "OpenShift Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.8.0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "2.0.0-1752592913",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "2.2.1-1758555934",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:insights_proxy:1.5::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "insights-proxy/insights-proxy-container-rhel9",
              "product": "Red Hat Insights proxy 1.5",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.5.7-1759331989",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/opentelemetry-collector-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752046452",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/opentelemetry-rhel8-operator",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752046437",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/opentelemetry-target-allocator-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752046439",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-gateway-opa-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070865",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-gateway-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070873",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-jaeger-query-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1751993590",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-query-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070827",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070833",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-rhel8-operator",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070866",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422110",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421804",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-builder-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421879",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-payload-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422401",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Olivier BAL-PETRE (ANSSI - French Cybersecurity Agency) for reporting this issue."
            }
          ],
          "datePublic": "2025-06-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T10:40:27.436Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:10024",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10024"
            },
            {
              "name": "RHSA-2025:10027",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10027"
            },
            {
              "name": "RHSA-2025:10180",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10180"
            },
            {
              "name": "RHSA-2025:10354",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10354"
            },
            {
              "name": "RHSA-2025:10357",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10357"
            },
            {
              "name": "RHSA-2025:10358",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10358"
            },
            {
              "name": "RHSA-2025:10359",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10359"
            },
            {
              "name": "RHSA-2025:10361",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10361"
            },
            {
              "name": "RHSA-2025:10362",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10362"
            },
            {
              "name": "RHSA-2025:10735",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10735"
            },
            {
              "name": "RHSA-2025:10823",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10823"
            },
            {
              "name": "RHSA-2025:11386",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:11386"
            },
            {
              "name": "RHSA-2025:11487",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:11487"
            },
            {
              "name": "RHSA-2025:14557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14557"
            },
            {
              "name": "RHSA-2025:15099",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15099"
            },
            {
              "name": "RHSA-2025:15709",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15709"
            },
            {
              "name": "RHSA-2025:15827",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15827"
            },
            {
              "name": "RHSA-2025:15828",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15828"
            },
            {
              "name": "RHSA-2025:16524",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:16524"
            },
            {
              "name": "RHSA-2025:17181",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17181"
            },
            {
              "name": "RHSA-2025:18219",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18219"
            },
            {
              "name": "RHSA-2025:20181",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:20181"
            },
            {
              "name": "RHSA-2025:21885",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21885"
            },
            {
              "name": "RHSA-2025:22019",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:22019"
            },
            {
              "name": "RHSA-2025:9526",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:9526"
            },
            {
              "name": "RHSA-2026:0934",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:0934"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-6020"
            },
            {
              "name": "RHBZ#2372512",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
            },
            {
              "url": "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-12T16:33:01.214Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-06-17T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Linux-pam: linux-pam directory traversal",
          "workarounds": [
            {
              "lang": "en",
              "value": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-6020",
        "datePublished": "2025-06-17T12:44:08.646Z",
        "dateReserved": "2025-06-11T22:38:25.643Z",
        "dateUpdated": "2026-06-30T10:40:27.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5914 (GCVE-0-2025-5914)

    Vulnerability from nvd – Published: 2025-06-09 19:53 – Updated: 2026-06-30 10:40
    VLAI
    Title
    Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
    Summary
    A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2025:14130 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14135 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14137 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14141 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14142 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14525 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14528 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14594 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14644 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14808 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14810 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14828 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15024 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15397 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15709 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15827 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15828 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:16524 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18217 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18218 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18219 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:19041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:19046 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:21885 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:21913 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:0326 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:0934 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:1541 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-5914 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2370861 issue-trackingx_refsource_REDHAT
    https://github.com/libarchive/libarchive/pull/2598
    https://github.com/libarchive/libarchive/releases…
    Impacted products
    Vendor Product Version
    Affected: 0 , < 3.8.0 (semver)
    Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.7.7-4.el10_0 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:3.1.2-14.el7_9.1 , < * (rpm)
        cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.3.3-6.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:3.3.2-8.el8_2.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:3.3.3-1.el8_4.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:3.3.3-1.el8_4.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:3.3.3-6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:3.3.3-6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:3.3.3-6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:3.3.3-5.el8_8.1 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:3.3.3-5.el8_8.1 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.5.3-6.el9_6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:3.5.3-2.el9_0.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.0::appstream
        cpe:/o:redhat:rhel_e4s:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:3.5.3-5.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.2::appstream
        cpe:/o:redhat:rhel_e4s:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:3.5.3-4.el9_4.1 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.4::appstream
        cpe:/a:redhat:rhel_eus:9.4::crb
        cpe:/o:redhat:rhel_eus:9.4::baseos
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202510211419-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.14::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202601271320-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.15::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202601071926-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.16::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202510112152-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.17::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 418.94.202510230424-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.18::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.19 Unaffected: 4.19.9.6.202510140714-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.19::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.20 Unaffected: 4.20.9.6.202509251656-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.20::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-19 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-8 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.12 on RHEL 9 Unaffected: 1.12-4 , < * (rpm)
        cpe:/a:redhat:webterminal:1.12::el9
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-11 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-10 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-4 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-9 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-12 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-18 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-7 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat cert-manager operator for Red Hat OpenShift 1.16 Unaffected: v1.16.5-1760515757 , < * (rpm)
        cpe:/a:redhat:cert_manager:1.16::el9
    Create a notification for this product.
    Red Hat OpenShift Compliance Operator 1 Unaffected: 1.8.0 , < * (rpm)
        cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat OpenShift File Integrity Operator - FIO 1 Unaffected: v1.3 , < * (rpm)
        cpe:/a:redhat:openshift_file_integrity_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Discovery 2 Unaffected: 2.2.1-1758555934 , < * (rpm)
        cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Insights proxy 1.5 Unaffected: 1.5.6-1756187445 , < * (rpm)
        cpe:/a:redhat:insights_proxy:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116455 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116482 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116441 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116449 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116439 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116447 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756128595 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756125872 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116445 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422110 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421846 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421804 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422070 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421879 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422401 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421890 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2025-05-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5914",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-10T15:14:35.773233Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-10T15:30:42.589Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/libarchive/libarchive/pull/2598"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/libarchive/libarchive/",
              "defaultStatus": "unaffected",
              "packageName": "libarchive",
              "versions": [
                {
                  "lessThan": "3.8.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10.0"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.7-4.el10_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:7"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.2-14.el7_9.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-6.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.2-8.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-1.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-1.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-5.el8_8.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-5.el8_8.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-6.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-6.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.0::appstream",
                "cpe:/o:redhat:rhel_e4s:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-2.el9_0.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.2::appstream",
                "cpe:/o:redhat:rhel_e4s:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-5.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.4::appstream",
                "cpe:/a:redhat:rhel_eus:9.4::crb",
                "cpe:/o:redhat:rhel_eus:9.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-4.el9_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.14::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.14",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "414.92.202510211419-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.15::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.15",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "415.92.202601271320-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "416.94.202601071926-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "417.94.202510112152-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.18",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "418.94.202510230424-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.19",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "4.19.9.6.202510140714-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.20::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.20",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "4.20.9.6.202509251656-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-rhel9-operator",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.12::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.12 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.12-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-data-index-ephemeral-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-data-index-postgresql-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-db-migrator-tool-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-management-console-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-operator-bundle",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-12",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-rhel8-operator",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-18",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-swf-builder-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-swf-devmode-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:cert_manager:1.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "cert-manager/jetstack-cert-manager-rhel9",
              "product": "cert-manager operator for Red Hat OpenShift 1.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.16.5-1760515757",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-must-gather-rhel8",
              "product": "OpenShift Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.8.0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-openscap-rhel8",
              "product": "OpenShift Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.8.0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-rhel8-operator",
              "product": "OpenShift Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.8.0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_file_integrity_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-file-integrity-rhel8-operator",
              "product": "OpenShift File Integrity Operator - FIO 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "2.2.1-1758555934",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:insights_proxy:1.5::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "insights-proxy/insights-proxy-container-rhel9",
              "product": "Red Hat Insights proxy 1.5",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.5.6-1756187445",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-agent-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116455",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-all-in-one-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116482",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-collector-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116441",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-es-index-cleaner-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116449",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-es-rollover-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116439",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-ingester-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116447",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-operator-bundle",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756128595",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-query-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756125872",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-rhel8-operator",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116445",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422110",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421846",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421804",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-must-gather-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422070",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-builder-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421879",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-payload-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422401",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-rhel9-operator",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421890",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2025-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T10:40:27.148Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:14130",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14130"
            },
            {
              "name": "RHSA-2025:14135",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14135"
            },
            {
              "name": "RHSA-2025:14137",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14137"
            },
            {
              "name": "RHSA-2025:14141",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14141"
            },
            {
              "name": "RHSA-2025:14142",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14142"
            },
            {
              "name": "RHSA-2025:14525",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14525"
            },
            {
              "name": "RHSA-2025:14528",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14528"
            },
            {
              "name": "RHSA-2025:14594",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14594"
            },
            {
              "name": "RHSA-2025:14644",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14644"
            },
            {
              "name": "RHSA-2025:14808",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14808"
            },
            {
              "name": "RHSA-2025:14810",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14810"
            },
            {
              "name": "RHSA-2025:14828",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14828"
            },
            {
              "name": "RHSA-2025:15024",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15024"
            },
            {
              "name": "RHSA-2025:15397",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15397"
            },
            {
              "name": "RHSA-2025:15709",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15709"
            },
            {
              "name": "RHSA-2025:15827",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15827"
            },
            {
              "name": "RHSA-2025:15828",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15828"
            },
            {
              "name": "RHSA-2025:16524",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:16524"
            },
            {
              "name": "RHSA-2025:18217",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18217"
            },
            {
              "name": "RHSA-2025:18218",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18218"
            },
            {
              "name": "RHSA-2025:18219",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18219"
            },
            {
              "name": "RHSA-2025:19041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19041"
            },
            {
              "name": "RHSA-2025:19046",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19046"
            },
            {
              "name": "RHSA-2025:21885",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21885"
            },
            {
              "name": "RHSA-2025:21913",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21913"
            },
            {
              "name": "RHSA-2026:0326",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:0326"
            },
            {
              "name": "RHSA-2026:0934",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:0934"
            },
            {
              "name": "RHSA-2026:1541",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:1541"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-5914"
            },
            {
              "name": "RHBZ#2370861",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
            },
            {
              "url": "https://github.com/libarchive/libarchive/pull/2598"
            },
            {
              "url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-06T17:58:25.491Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-05-20T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-5914",
        "datePublished": "2025-06-09T19:53:48.923Z",
        "dateReserved": "2025-06-09T08:10:18.779Z",
        "dateUpdated": "2026-06-30T10:40:27.148Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5791 (GCVE-0-2025-5791)

    Vulnerability from nvd – Published: 2025-06-06 13:10 – Updated: 2025-11-20 07:41
    VLAI
    Title
    Users: `root` appended to group listings
    Summary
    A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 0.8.0 , < 0.11.1 (semver)
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:a6f29da891174e57fcfd131da7aa90c50459ba24164111b83120a1b91f2eabba , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:1
    Create a notification for this product.
    Date Public
    2025-01-15 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5791",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-06T13:40:43.009202Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-06T13:40:47.773Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/ogham/rust-users/",
              "defaultStatus": "unaffected",
              "packageName": "rust-users",
              "versions": [
                {
                  "lessThan": "0.11.1",
                  "status": "affected",
                  "version": "0.8.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-rhel9-operator",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:a6f29da891174e57fcfd131da7aa90c50459ba24164111b83120a1b91f2eabba",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "rust-ssh-key-dir",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "rust-afterburn",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kata-containers",
              "product": "Red Hat OpenShift Container Platform 4",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4"
              ],
              "defaultStatus": "affected",
              "packageName": "rust-afterburn",
              "product": "Red Hat OpenShift Container Platform 4",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:trusted_profile_analyzer:1"
              ],
              "defaultStatus": "affected",
              "packageName": "rhtpa/rhtpa-trustification-service-rhel9",
              "product": "Red Hat Trusted Profile Analyzer",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2025-01-15T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the user\u0027s crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:41:09.666Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:12359",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12359"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-5791"
            },
            {
              "name": "RHBZ#2370001",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370001"
            },
            {
              "url": "https://crates.io/crates/users"
            },
            {
              "url": "https://github.com/ogham/rust-users/issues/44"
            },
            {
              "url": "https://rustsec.org/advisories/RUSTSEC-2025-0040.html"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-03T13:02:24.781Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-01-15T12:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Users: `root` appended to group listings",
          "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-5791",
        "datePublished": "2025-06-06T13:10:07.157Z",
        "dateReserved": "2025-06-06T08:09:10.242Z",
        "dateUpdated": "2025-11-20T07:41:09.666Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-8941 (GCVE-0-2025-8941)

    Vulnerability from cvelistv5 – Published: 2025-08-13 14:42 – Updated: 2026-02-26 17:48
    VLAI
    Title
    Linux-pam: incomplete fix for cve-2025-6020
    Summary
    A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2025:14557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15099 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15100 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15101 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15102 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15103 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15104 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15105 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15106 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15107 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15709 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15827 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15828 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:16524 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:17181 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18219 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:21885 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-8941 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2388220 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.1.8-23.el7_9.2 , < * (rpm)
        cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-38.el8_10 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.3.1-8.el8_2.2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.3.1-14.el8_4.2 , < * (rpm)
        cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.3.1-14.el8_4.2 , < * (rpm)
        cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.3.1-16.el8_6.3 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
        cpe:/o:redhat:rhel_aus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.3.1-16.el8_6.3 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
        cpe:/o:redhat:rhel_aus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.3.1-16.el8_6.3 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
        cpe:/o:redhat:rhel_aus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.3.1-26.el8_8.2 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.3.1-26.el8_8.2 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-26.el9_6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.5.1-9.el9_0.3 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.0::appstream
        cpe:/o:redhat:rhel_e4s:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.5.1-15.el9_2.2 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.2::appstream
        cpe:/o:redhat:rhel_e4s:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.5.1-24.el9_4.1 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.4::baseos
        cpe:/a:redhat:rhel_eus:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-19 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-8 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.12 on RHEL 9 Unaffected: 1.12-4 , < * (rpm)
        cpe:/a:redhat:webterminal:1.12::el9
    Create a notification for this product.
    Red Hat cert-manager operator for Red Hat OpenShift 1.16 Unaffected: sha256:330e8b5ab4841a21f8f5f23cc7fb192197872f11639b12bf4b1e70831f636323 , < * (rpm)
        cpe:/a:redhat:cert_manager:1.16::el9
    Create a notification for this product.
    Red Hat Compliance Operator 1 Unaffected: sha256:c953e9f9abf9cf25bf65bb3ffdc86ccf49b3e69a1cf3fbb47b6972e421fd6628 , < * (rpm)
        cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Discovery 2 Unaffected: sha256:c85cfbcaf7888885e57596b7b8bde3894718cfc33326499b24961a66a62cf083 , < * (rpm)
        cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Insights proxy 1.5 Unaffected: sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea , < * (rpm)
        cpe:/a:redhat:insights_proxy:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:24722900db1425bf0c27f6ad6f3fb7d79ff9ebc433bdab58423fa71bab76122b , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:f5e1602d72177d77f1b879c76e6f6cfbc2979c136c06ca9f03ea97ffb369b7a6 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:cead623ceda4048cabaa81c371ed2a8143f5c5514276fca1d71685bd9e6d1e65 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Date Public
    2025-08-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-8941",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-14T03:56:02.437686Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:48:41.074Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/linux-pam/linux-pam",
              "defaultStatus": "unaffected",
              "packageName": "linux-pam"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:7"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.8-23.el7_9.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-38.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-8.el8_2.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-14.el8_4.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-14.el8_4.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos",
                "cpe:/o:redhat:rhel_aus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos",
                "cpe:/o:redhat:rhel_aus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos",
                "cpe:/o:redhat:rhel_aus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-26.el8_8.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-26.el8_8.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-26.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-26.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.0::appstream",
                "cpe:/o:redhat:rhel_e4s:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-9.el9_0.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.2::appstream",
                "cpe:/o:redhat:rhel_e4s:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-15.el9_2.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.4::baseos",
                "cpe:/a:redhat:rhel_eus:9.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-24.el9_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-rhel9-operator",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.12::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.12 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.12-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:cert_manager:1.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "cert-manager/jetstack-cert-manager-rhel9",
              "product": "cert-manager operator for Red Hat OpenShift 1.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:330e8b5ab4841a21f8f5f23cc7fb192197872f11639b12bf4b1e70831f636323",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-openscap-rhel8",
              "product": "Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:c953e9f9abf9cf25bf65bb3ffdc86ccf49b3e69a1cf3fbb47b6972e421fd6628",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:c85cfbcaf7888885e57596b7b8bde3894718cfc33326499b24961a66a62cf083",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:insights_proxy:1.5::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "insights-proxy/insights-proxy-container-rhel9",
              "product": "Red Hat Insights proxy 1.5",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:24722900db1425bf0c27f6ad6f3fb7d79ff9ebc433bdab58423fa71bab76122b",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:f5e1602d72177d77f1b879c76e6f6cfbc2979c136c06ca9f03ea97ffb369b7a6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-builder-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:cead623ceda4048cabaa81c371ed2a8143f5c5514276fca1d71685bd9e6d1e65",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-payload-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2025-08-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a \"complete\" fix for CVE-2025-6020."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-10T20:56:35.028Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:14557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14557"
            },
            {
              "name": "RHSA-2025:15099",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15099"
            },
            {
              "name": "RHSA-2025:15100",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15100"
            },
            {
              "name": "RHSA-2025:15101",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15101"
            },
            {
              "name": "RHSA-2025:15102",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15102"
            },
            {
              "name": "RHSA-2025:15103",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15103"
            },
            {
              "name": "RHSA-2025:15104",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15104"
            },
            {
              "name": "RHSA-2025:15105",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15105"
            },
            {
              "name": "RHSA-2025:15106",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15106"
            },
            {
              "name": "RHSA-2025:15107",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15107"
            },
            {
              "name": "RHSA-2025:15709",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15709"
            },
            {
              "name": "RHSA-2025:15827",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15827"
            },
            {
              "name": "RHSA-2025:15828",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15828"
            },
            {
              "name": "RHSA-2025:16524",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:16524"
            },
            {
              "name": "RHSA-2025:17181",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17181"
            },
            {
              "name": "RHSA-2025:18219",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18219"
            },
            {
              "name": "RHSA-2025:21885",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21885"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-8941"
            },
            {
              "name": "RHBZ#2388220",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388220"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-08-13T12:11:55.270Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-08-13T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Linux-pam: incomplete fix for cve-2025-6020",
          "workarounds": [
            {
              "lang": "en",
              "value": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-8941",
        "datePublished": "2025-08-13T14:42:37.570Z",
        "dateReserved": "2025-08-13T12:24:47.522Z",
        "dateUpdated": "2026-02-26T17:48:41.074Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-6020 (GCVE-0-2025-6020)

    Vulnerability from cvelistv5 – Published: 2025-06-17 12:44 – Updated: 2026-06-30 10:40
    VLAI
    Title
    Linux-pam: linux-pam directory traversal
    Summary
    A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2025:10024 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10027 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10180 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10354 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10357 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10358 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10359 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10362 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10735 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:10823 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:11386 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:11487 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15099 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15709 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15827 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15828 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:16524 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:17181 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18219 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:20181 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:21885 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:22019 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:9526 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:0934 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-6020 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2372512 issue-trackingx_refsource_REDHAT
    https://github.com/linux-pam/linux-pam/security/a…
    http://www.openwall.com/lists/oss-security/2025/06/17/1
    https://lists.debian.org/debian-lts-announce/2025…
    https://cert-portal.siemens.com/productcert/html/…
    Impacted products
    Vendor Product Version
    Affected: 0 , < 1.7.1 (semver)
    Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:1.6.1-8.el10 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:10.1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10.0 Extended Update Support Unaffected: 0:1.6.1-8.el10_0 , < * (rpm)
        cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.1.8-23.el7_9.1 , < * (rpm)
        cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-37.el8_10 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-38.el8_10 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.3.1-8.el8_2.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.3.1-14.el8_4.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.3.1-16.el8_6.2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.3.1-16.el8_6.2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.3.1-16.el8_6.2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.3.1-26.el8_8.1 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.3.1-26.el8_8.1 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-26.el9_6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-25.el9_6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.5.1-9.el9_0.2 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.0::appstream
        cpe:/o:redhat:rhel_e4s:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.5.1-15.el9_2.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.2::appstream
        cpe:/o:redhat:rhel_e4s:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.5.1-24.el9_4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.4::appstream
        cpe:/o:redhat:rhel_eus:9.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-19 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-8 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.12 on RHEL 9 Unaffected: 1.12-4 , < * (rpm)
        cpe:/a:redhat:webterminal:1.12::el9
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752066672 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752065732 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-3.1752065737 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752065731 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-25 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752065736 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-2.1752065733 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHEL-8 based Middleware Containers Unaffected: 7.13.5-4.1752065755 , < * (rpm)
        cpe:/a:redhat:rhosemc:1.0::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-11 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-10 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-4 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-9 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-12 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-18 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-7 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat cert-manager operator for Red Hat OpenShift 1.16 Unaffected: v1.16.5-1760515757 , < * (rpm)
        cpe:/a:redhat:cert_manager:1.16::el9
    Create a notification for this product.
    Red Hat OpenShift Compliance Operator 1 Unaffected: 1.8.0 , < * (rpm)
        cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Discovery 2 Unaffected: 2.0.0-1752592913 , < * (rpm)
        cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Discovery 2 Unaffected: 2.2.1-1758555934 , < * (rpm)
        cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Insights proxy 1.5 Unaffected: 1.5.7-1759331989 , < * (rpm)
        cpe:/a:redhat:insights_proxy:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752046452 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752046437 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752046439 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070865 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070873 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1751993590 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070827 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070833 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.6.0 Unaffected: rhosdt-3.6-1752070866 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422110 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421804 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421879 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422401 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Siemens RUGGEDCOM ROX MX5000 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX MX5000RE Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1400 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1500 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1501 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1510 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1511 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1512 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1524 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX1536 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Siemens RUGGEDCOM ROX RX5000 Affected: 0 , < V2.17.1 (custom)
    Create a notification for this product.
    Date Public
    2025-06-17 00:00
    Credits
    Red Hat would like to thank Olivier BAL-PETRE (ANSSI - French Cybersecurity Agency) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6020",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-17T13:30:00.379966Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-18T14:14:28.136Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T18:13:57.307Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/06/17/1"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX MX5000",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX MX5000RE",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1400",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1500",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1501",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1510",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1511",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1512",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1524",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX1536",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM ROX RX5000",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V2.17.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T12:02:28.144Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-577017.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/linux-pam/linux-pam",
              "defaultStatus": "unaffected",
              "packageName": "linux-pam",
              "versions": [
                {
                  "lessThan": "1.7.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10.1"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.6.1-8.el10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux_eus:10.0"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 10.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.6.1-8.el10_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:7"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.8-23.el7_9.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-37.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-38.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-8.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-14.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-16.el8_6.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-26.el8_8.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.3.1-26.el8_8.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-26.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-25.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-26.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-25.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.0::appstream",
                "cpe:/o:redhat:rhel_e4s:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-9.el9_0.2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.2::appstream",
                "cpe:/o:redhat:rhel_e4s:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-15.el9_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.4::appstream",
                "cpe:/o:redhat:rhel_eus:9.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "pam",
              "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.5.1-24.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-rhel9-operator",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.12::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.12 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.12-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-businesscentral-monitoring-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752066672",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-businesscentral-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065732",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-controller-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065732",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-dashbuilder-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-3.1752065737",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-kieserver-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065731",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-operator-bundle",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-25",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-process-migration-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065736",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-rhel8-operator",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-2.1752065733",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:rhosemc:1.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhpam-7/rhpam-smartrouter-rhel8",
              "product": "RHEL-8 based Middleware Containers",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "7.13.5-4.1752065755",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-data-index-ephemeral-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-data-index-postgresql-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-db-migrator-tool-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-management-console-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-operator-bundle",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-12",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-rhel8-operator",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-18",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-swf-builder-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-swf-devmode-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:cert_manager:1.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "cert-manager/jetstack-cert-manager-rhel9",
              "product": "cert-manager operator for Red Hat OpenShift 1.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.16.5-1760515757",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-openscap-rhel8",
              "product": "OpenShift Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.8.0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "2.0.0-1752592913",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "2.2.1-1758555934",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:insights_proxy:1.5::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "insights-proxy/insights-proxy-container-rhel9",
              "product": "Red Hat Insights proxy 1.5",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.5.7-1759331989",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/opentelemetry-collector-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752046452",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/opentelemetry-rhel8-operator",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752046437",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/opentelemetry-target-allocator-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752046439",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-gateway-opa-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070865",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-gateway-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070873",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-jaeger-query-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1751993590",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-query-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070827",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070833",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/tempo-rhel8-operator",
              "product": "Red Hat OpenShift distributed tracing 3.6.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.6-1752070866",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422110",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421804",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-builder-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421879",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-payload-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422401",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Olivier BAL-PETRE (ANSSI - French Cybersecurity Agency) for reporting this issue."
            }
          ],
          "datePublic": "2025-06-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T10:40:27.436Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:10024",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10024"
            },
            {
              "name": "RHSA-2025:10027",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10027"
            },
            {
              "name": "RHSA-2025:10180",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10180"
            },
            {
              "name": "RHSA-2025:10354",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10354"
            },
            {
              "name": "RHSA-2025:10357",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10357"
            },
            {
              "name": "RHSA-2025:10358",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10358"
            },
            {
              "name": "RHSA-2025:10359",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10359"
            },
            {
              "name": "RHSA-2025:10361",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10361"
            },
            {
              "name": "RHSA-2025:10362",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10362"
            },
            {
              "name": "RHSA-2025:10735",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10735"
            },
            {
              "name": "RHSA-2025:10823",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:10823"
            },
            {
              "name": "RHSA-2025:11386",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:11386"
            },
            {
              "name": "RHSA-2025:11487",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:11487"
            },
            {
              "name": "RHSA-2025:14557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14557"
            },
            {
              "name": "RHSA-2025:15099",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15099"
            },
            {
              "name": "RHSA-2025:15709",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15709"
            },
            {
              "name": "RHSA-2025:15827",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15827"
            },
            {
              "name": "RHSA-2025:15828",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15828"
            },
            {
              "name": "RHSA-2025:16524",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:16524"
            },
            {
              "name": "RHSA-2025:17181",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:17181"
            },
            {
              "name": "RHSA-2025:18219",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18219"
            },
            {
              "name": "RHSA-2025:20181",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:20181"
            },
            {
              "name": "RHSA-2025:21885",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21885"
            },
            {
              "name": "RHSA-2025:22019",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:22019"
            },
            {
              "name": "RHSA-2025:9526",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:9526"
            },
            {
              "name": "RHSA-2026:0934",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:0934"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-6020"
            },
            {
              "name": "RHBZ#2372512",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
            },
            {
              "url": "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-12T16:33:01.214Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-06-17T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Linux-pam: linux-pam directory traversal",
          "workarounds": [
            {
              "lang": "en",
              "value": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-6020",
        "datePublished": "2025-06-17T12:44:08.646Z",
        "dateReserved": "2025-06-11T22:38:25.643Z",
        "dateUpdated": "2026-06-30T10:40:27.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5914 (GCVE-0-2025-5914)

    Vulnerability from cvelistv5 – Published: 2025-06-09 19:53 – Updated: 2026-06-30 10:40
    VLAI
    Title
    Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
    Summary
    A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2025:14130 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14135 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14137 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14141 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14142 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14525 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14528 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14594 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14644 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14808 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14810 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:14828 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15024 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15397 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15709 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15827 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:15828 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:16524 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18217 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18218 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:18219 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:19041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:19046 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:21885 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:21913 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:0326 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:0934 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:1541 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-5914 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2370861 issue-trackingx_refsource_REDHAT
    https://github.com/libarchive/libarchive/pull/2598
    https://github.com/libarchive/libarchive/releases…
    Impacted products
    Vendor Product Version
    Affected: 0 , < 3.8.0 (semver)
    Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.7.7-4.el10_0 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:3.1.2-14.el7_9.1 , < * (rpm)
        cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.3.3-6.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:3.3.2-8.el8_2.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:3.3.3-1.el8_4.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:3.3.3-1.el8_4.1 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:3.3.3-6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:3.3.3-6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:3.3.3-6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.6::baseos
        cpe:/o:redhat:rhel_e4s:8.6::baseos
        cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:3.3.3-5.el8_8.1 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:3.3.3-5.el8_8.1 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.8::baseos
        cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.5.3-6.el9_6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:3.5.3-2.el9_0.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.0::appstream
        cpe:/o:redhat:rhel_e4s:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:3.5.3-5.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:9.2::appstream
        cpe:/o:redhat:rhel_e4s:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:3.5.3-4.el9_4.1 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.4::appstream
        cpe:/a:redhat:rhel_eus:9.4::crb
        cpe:/o:redhat:rhel_eus:9.4::baseos
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202510211419-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.14::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202601271320-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.15::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202601071926-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.16::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202510112152-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.17::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 418.94.202510230424-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.18::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.19 Unaffected: 4.19.9.6.202510140714-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.19::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.20 Unaffected: 4.20.9.6.202509251656-0 , < * (rpm)
        cpe:/a:redhat:openshift:4.20::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-19 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11 on RHEL 9 Unaffected: 1.11-8 , < * (rpm)
        cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.12 on RHEL 9 Unaffected: 1.12-4 , < * (rpm)
        cpe:/a:redhat:webterminal:1.12::el9
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-11 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-10 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-4 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-9 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-12 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-18 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat RHOSS-1.36-RHEL-8 Unaffected: 1.36.0-7 , < * (rpm)
        cpe:/a:redhat:openshift_serverless:1.36::el8
    Create a notification for this product.
    Red Hat cert-manager operator for Red Hat OpenShift 1.16 Unaffected: v1.16.5-1760515757 , < * (rpm)
        cpe:/a:redhat:cert_manager:1.16::el9
    Create a notification for this product.
    Red Hat OpenShift Compliance Operator 1 Unaffected: 1.8.0 , < * (rpm)
        cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat OpenShift File Integrity Operator - FIO 1 Unaffected: v1.3 , < * (rpm)
        cpe:/a:redhat:openshift_file_integrity_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Discovery 2 Unaffected: 2.2.1-1758555934 , < * (rpm)
        cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Insights proxy 1.5 Unaffected: 1.5.6-1756187445 , < * (rpm)
        cpe:/a:redhat:insights_proxy:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116455 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116482 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116441 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116449 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116439 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116447 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756128595 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756125872 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.5.1 Unaffected: rhosdt-3.5-1756116445 , < * (rpm)
        cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422110 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421846 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421804 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422070 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421879 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757422401 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: 1.10.2-1757421890 , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2025-05-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5914",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-10T15:14:35.773233Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-10T15:30:42.589Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/libarchive/libarchive/pull/2598"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/libarchive/libarchive/",
              "defaultStatus": "unaffected",
              "packageName": "libarchive",
              "versions": [
                {
                  "lessThan": "3.8.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10.0"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.7.7-4.el10_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:7"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.1.2-14.el7_9.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-6.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.2-8.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-1.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-1.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.6::baseos",
                "cpe:/o:redhat:rhel_e4s:8.6::baseos",
                "cpe:/o:redhat:rhel_tus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-5.el8_8.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.8::baseos",
                "cpe:/o:redhat:rhel_tus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.3.3-5.el8_8.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-6.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-6.el9_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.0::appstream",
                "cpe:/o:redhat:rhel_e4s:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-2.el9_0.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:9.2::appstream",
                "cpe:/o:redhat:rhel_e4s:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-5.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.4::appstream",
                "cpe:/a:redhat:rhel_eus:9.4::crb",
                "cpe:/o:redhat:rhel_eus:9.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:3.5.3-4.el9_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.14::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.14",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "414.92.202510211419-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.15::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.15",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "415.92.202601271320-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "416.94.202601071926-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "417.94.202510112152-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.18::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.18",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "418.94.202510230424-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.19::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.19",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "4.19.9.6.202510140714-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4.20::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhcos",
              "product": "Red Hat OpenShift Container Platform 4.20",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "4.20.9.6.202509251656-0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-rhel9-operator",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.11::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.11 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.11-8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:webterminal:1.12::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "web-terminal/web-terminal-tooling-rhel9",
              "product": "Red Hat Web Terminal 1.12 on RHEL 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.12-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-data-index-ephemeral-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-data-index-postgresql-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-db-migrator-tool-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-management-console-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-operator-bundle",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-12",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-rhel8-operator",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-18",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-swf-builder-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_serverless:1.36::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-serverless-1/logic-swf-devmode-rhel8",
              "product": "RHOSS-1.36-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.36.0-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:cert_manager:1.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "cert-manager/jetstack-cert-manager-rhel9",
              "product": "cert-manager operator for Red Hat OpenShift 1.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.16.5-1760515757",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-must-gather-rhel8",
              "product": "OpenShift Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.8.0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-openscap-rhel8",
              "product": "OpenShift Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.8.0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_compliance_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-compliance-rhel8-operator",
              "product": "OpenShift Compliance Operator 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.8.0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_file_integrity_operator:1::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "compliance/openshift-file-integrity-rhel8-operator",
              "product": "OpenShift File Integrity Operator - FIO 1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "2.2.1-1758555934",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:insights_proxy:1.5::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "insights-proxy/insights-proxy-container-rhel9",
              "product": "Red Hat Insights proxy 1.5",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.5.6-1756187445",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-agent-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116455",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-all-in-one-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116482",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-collector-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116441",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-es-index-cleaner-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116449",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-es-rollover-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116439",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-ingester-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116447",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-operator-bundle",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756128595",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-query-rhel8",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756125872",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "rhosdt/jaeger-rhel8-operator",
              "product": "Red Hat OpenShift distributed tracing 3.5.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "rhosdt-3.5-1756116445",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422110",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421846",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421804",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-must-gather-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422070",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-builder-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421879",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-podvm-payload-rhel9",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757422401",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-rhel9-operator",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1.10.2-1757421890",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "libarchive",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2025-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T10:40:27.148Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:14130",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14130"
            },
            {
              "name": "RHSA-2025:14135",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14135"
            },
            {
              "name": "RHSA-2025:14137",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14137"
            },
            {
              "name": "RHSA-2025:14141",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14141"
            },
            {
              "name": "RHSA-2025:14142",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14142"
            },
            {
              "name": "RHSA-2025:14525",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14525"
            },
            {
              "name": "RHSA-2025:14528",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14528"
            },
            {
              "name": "RHSA-2025:14594",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14594"
            },
            {
              "name": "RHSA-2025:14644",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14644"
            },
            {
              "name": "RHSA-2025:14808",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14808"
            },
            {
              "name": "RHSA-2025:14810",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14810"
            },
            {
              "name": "RHSA-2025:14828",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:14828"
            },
            {
              "name": "RHSA-2025:15024",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15024"
            },
            {
              "name": "RHSA-2025:15397",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15397"
            },
            {
              "name": "RHSA-2025:15709",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15709"
            },
            {
              "name": "RHSA-2025:15827",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15827"
            },
            {
              "name": "RHSA-2025:15828",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:15828"
            },
            {
              "name": "RHSA-2025:16524",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:16524"
            },
            {
              "name": "RHSA-2025:18217",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18217"
            },
            {
              "name": "RHSA-2025:18218",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18218"
            },
            {
              "name": "RHSA-2025:18219",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:18219"
            },
            {
              "name": "RHSA-2025:19041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19041"
            },
            {
              "name": "RHSA-2025:19046",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:19046"
            },
            {
              "name": "RHSA-2025:21885",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21885"
            },
            {
              "name": "RHSA-2025:21913",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21913"
            },
            {
              "name": "RHSA-2026:0326",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:0326"
            },
            {
              "name": "RHSA-2026:0934",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:0934"
            },
            {
              "name": "RHSA-2026:1541",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:1541"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-5914"
            },
            {
              "name": "RHBZ#2370861",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
            },
            {
              "url": "https://github.com/libarchive/libarchive/pull/2598"
            },
            {
              "url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-06T17:58:25.491Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-05-20T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-5914",
        "datePublished": "2025-06-09T19:53:48.923Z",
        "dateReserved": "2025-06-09T08:10:18.779Z",
        "dateUpdated": "2026-06-30T10:40:27.148Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5791 (GCVE-0-2025-5791)

    Vulnerability from cvelistv5 – Published: 2025-06-06 13:10 – Updated: 2025-11-20 07:41
    VLAI
    Title
    Users: `root` appended to group listings
    Summary
    A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 0.8.0 , < 0.11.1 (semver)
    Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:a6f29da891174e57fcfd131da7aa90c50459ba24164111b83120a1b91f2eabba , < * (rpm)
        cpe:/a:redhat:confidential_compute_attestation:1.10::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:1
    Create a notification for this product.
    Date Public
    2025-01-15 12:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5791",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-06T13:40:43.009202Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-06T13:40:47.773Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/ogham/rust-users/",
              "defaultStatus": "unaffected",
              "packageName": "rust-users",
              "versions": [
                {
                  "lessThan": "0.11.1",
                  "status": "affected",
                  "version": "0.8.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-sandboxed-containers/osc-rhel9-operator",
              "product": "Red Hat OpenShift sandboxed containers 1.1",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:a6f29da891174e57fcfd131da7aa90c50459ba24164111b83120a1b91f2eabba",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "rust-ssh-key-dir",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "rust-afterburn",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kata-containers",
              "product": "Red Hat OpenShift Container Platform 4",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4"
              ],
              "defaultStatus": "affected",
              "packageName": "rust-afterburn",
              "product": "Red Hat OpenShift Container Platform 4",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:trusted_profile_analyzer:1"
              ],
              "defaultStatus": "affected",
              "packageName": "rhtpa/rhtpa-trustification-service-rhel9",
              "product": "Red Hat Trusted Profile Analyzer",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2025-01-15T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the user\u0027s crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:41:09.666Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:12359",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12359"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-5791"
            },
            {
              "name": "RHBZ#2370001",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370001"
            },
            {
              "url": "https://crates.io/crates/users"
            },
            {
              "url": "https://github.com/ogham/rust-users/issues/44"
            },
            {
              "url": "https://rustsec.org/advisories/RUSTSEC-2025-0040.html"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-03T13:02:24.781Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-01-15T12:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Users: `root` appended to group listings",
          "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-5791",
        "datePublished": "2025-06-06T13:10:07.157Z",
        "dateReserved": "2025-06-06T08:09:10.242Z",
        "dateUpdated": "2025-11-20T07:41:09.666Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }