Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-0725 (GCVE-0-2025-0725)
Vulnerability from cvelistv5 – Published: 2025-02-05 09:18 – Updated: 2025-06-12 16:04
VLAI
EPSS
Title
gzip integer overflow
Summary
When libcurl is asked to perform automatic gzip decompression of
content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,
**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would
make libcurl perform a buffer overflow.
Severity
7.3 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| curl | curl |
Affected:
8.11.1 , ≤ 8.11.1
(semver)
Affected: 8.11.0 , ≤ 8.11.0 (semver) Affected: 8.10.1 , ≤ 8.10.1 (semver) Affected: 8.10.0 , ≤ 8.10.0 (semver) Affected: 8.9.1 , ≤ 8.9.1 (semver) Affected: 8.9.0 , ≤ 8.9.0 (semver) Affected: 8.8.0 , ≤ 8.8.0 (semver) Affected: 8.7.1 , ≤ 8.7.1 (semver) Affected: 8.7.0 , ≤ 8.7.0 (semver) Affected: 8.6.0 , ≤ 8.6.0 (semver) Affected: 8.5.0 , ≤ 8.5.0 (semver) Affected: 8.4.0 , ≤ 8.4.0 (semver) Affected: 8.3.0 , ≤ 8.3.0 (semver) Affected: 8.2.1 , ≤ 8.2.1 (semver) Affected: 8.2.0 , ≤ 8.2.0 (semver) Affected: 8.1.2 , ≤ 8.1.2 (semver) Affected: 8.1.1 , ≤ 8.1.1 (semver) Affected: 8.1.0 , ≤ 8.1.0 (semver) Affected: 8.0.1 , ≤ 8.0.1 (semver) Affected: 8.0.0 , ≤ 8.0.0 (semver) Affected: 7.88.1 , ≤ 7.88.1 (semver) Affected: 7.88.0 , ≤ 7.88.0 (semver) Affected: 7.87.0 , ≤ 7.87.0 (semver) Affected: 7.86.0 , ≤ 7.86.0 (semver) Affected: 7.85.0 , ≤ 7.85.0 (semver) Affected: 7.84.0 , ≤ 7.84.0 (semver) Affected: 7.83.1 , ≤ 7.83.1 (semver) Affected: 7.83.0 , ≤ 7.83.0 (semver) Affected: 7.82.0 , ≤ 7.82.0 (semver) Affected: 7.81.0 , ≤ 7.81.0 (semver) Affected: 7.80.0 , ≤ 7.80.0 (semver) Affected: 7.79.1 , ≤ 7.79.1 (semver) Affected: 7.79.0 , ≤ 7.79.0 (semver) Affected: 7.78.0 , ≤ 7.78.0 (semver) Affected: 7.77.0 , ≤ 7.77.0 (semver) Affected: 7.76.1 , ≤ 7.76.1 (semver) Affected: 7.76.0 , ≤ 7.76.0 (semver) Affected: 7.75.0 , ≤ 7.75.0 (semver) Affected: 7.74.0 , ≤ 7.74.0 (semver) Affected: 7.73.0 , ≤ 7.73.0 (semver) Affected: 7.72.0 , ≤ 7.72.0 (semver) Affected: 7.71.1 , ≤ 7.71.1 (semver) Affected: 7.71.0 , ≤ 7.71.0 (semver) Affected: 7.70.0 , ≤ 7.70.0 (semver) Affected: 7.69.1 , ≤ 7.69.1 (semver) Affected: 7.69.0 , ≤ 7.69.0 (semver) Affected: 7.68.0 , ≤ 7.68.0 (semver) Affected: 7.67.0 , ≤ 7.67.0 (semver) Affected: 7.66.0 , ≤ 7.66.0 (semver) Affected: 7.65.3 , ≤ 7.65.3 (semver) Affected: 7.65.2 , ≤ 7.65.2 (semver) Affected: 7.65.1 , ≤ 7.65.1 (semver) Affected: 7.65.0 , ≤ 7.65.0 (semver) Affected: 7.64.1 , ≤ 7.64.1 (semver) Affected: 7.64.0 , ≤ 7.64.0 (semver) Affected: 7.63.0 , ≤ 7.63.0 (semver) Affected: 7.62.0 , ≤ 7.62.0 (semver) Affected: 7.61.1 , ≤ 7.61.1 (semver) Affected: 7.61.0 , ≤ 7.61.0 (semver) Affected: 7.60.0 , ≤ 7.60.0 (semver) Affected: 7.59.0 , ≤ 7.59.0 (semver) Affected: 7.58.0 , ≤ 7.58.0 (semver) Affected: 7.57.0 , ≤ 7.57.0 (semver) Affected: 7.56.1 , ≤ 7.56.1 (semver) Affected: 7.56.0 , ≤ 7.56.0 (semver) Affected: 7.55.1 , ≤ 7.55.1 (semver) Affected: 7.55.0 , ≤ 7.55.0 (semver) Affected: 7.54.1 , ≤ 7.54.1 (semver) Affected: 7.54.0 , ≤ 7.54.0 (semver) Affected: 7.53.1 , ≤ 7.53.1 (semver) Affected: 7.53.0 , ≤ 7.53.0 (semver) Affected: 7.52.1 , ≤ 7.52.1 (semver) Affected: 7.52.0 , ≤ 7.52.0 (semver) Affected: 7.51.0 , ≤ 7.51.0 (semver) Affected: 7.50.3 , ≤ 7.50.3 (semver) Affected: 7.50.2 , ≤ 7.50.2 (semver) Affected: 7.50.1 , ≤ 7.50.1 (semver) Affected: 7.50.0 , ≤ 7.50.0 (semver) Affected: 7.49.1 , ≤ 7.49.1 (semver) Affected: 7.49.0 , ≤ 7.49.0 (semver) Affected: 7.48.0 , ≤ 7.48.0 (semver) Affected: 7.47.1 , ≤ 7.47.1 (semver) Affected: 7.47.0 , ≤ 7.47.0 (semver) Affected: 7.46.0 , ≤ 7.46.0 (semver) Affected: 7.45.0 , ≤ 7.45.0 (semver) Affected: 7.44.0 , ≤ 7.44.0 (semver) Affected: 7.43.0 , ≤ 7.43.0 (semver) Affected: 7.42.1 , ≤ 7.42.1 (semver) Affected: 7.42.0 , ≤ 7.42.0 (semver) Affected: 7.41.0 , ≤ 7.41.0 (semver) Affected: 7.40.0 , ≤ 7.40.0 (semver) Affected: 7.39.0 , ≤ 7.39.0 (semver) Affected: 7.38.0 , ≤ 7.38.0 (semver) Affected: 7.37.1 , ≤ 7.37.1 (semver) Affected: 7.37.0 , ≤ 7.37.0 (semver) Affected: 7.36.0 , ≤ 7.36.0 (semver) Affected: 7.35.0 , ≤ 7.35.0 (semver) Affected: 7.34.0 , ≤ 7.34.0 (semver) Affected: 7.33.0 , ≤ 7.33.0 (semver) Affected: 7.32.0 , ≤ 7.32.0 (semver) Affected: 7.31.0 , ≤ 7.31.0 (semver) Affected: 7.30.0 , ≤ 7.30.0 (semver) Affected: 7.29.0 , ≤ 7.29.0 (semver) Affected: 7.28.1 , ≤ 7.28.1 (semver) Affected: 7.28.0 , ≤ 7.28.0 (semver) Affected: 7.27.0 , ≤ 7.27.0 (semver) Affected: 7.26.0 , ≤ 7.26.0 (semver) Affected: 7.25.0 , ≤ 7.25.0 (semver) Affected: 7.24.0 , ≤ 7.24.0 (semver) Affected: 7.23.1 , ≤ 7.23.1 (semver) Affected: 7.23.0 , ≤ 7.23.0 (semver) Affected: 7.22.0 , ≤ 7.22.0 (semver) Affected: 7.21.7 , ≤ 7.21.7 (semver) Affected: 7.21.6 , ≤ 7.21.6 (semver) Affected: 7.21.5 , ≤ 7.21.5 (semver) Affected: 7.21.4 , ≤ 7.21.4 (semver) Affected: 7.21.3 , ≤ 7.21.3 (semver) Affected: 7.21.2 , ≤ 7.21.2 (semver) Affected: 7.21.1 , ≤ 7.21.1 (semver) Affected: 7.21.0 , ≤ 7.21.0 (semver) Affected: 7.20.1 , ≤ 7.20.1 (semver) Affected: 7.20.0 , ≤ 7.20.0 (semver) Affected: 7.19.7 , ≤ 7.19.7 (semver) Affected: 7.19.6 , ≤ 7.19.6 (semver) Affected: 7.19.5 , ≤ 7.19.5 (semver) Affected: 7.19.4 , ≤ 7.19.4 (semver) Affected: 7.19.3 , ≤ 7.19.3 (semver) Affected: 7.19.2 , ≤ 7.19.2 (semver) Affected: 7.19.1 , ≤ 7.19.1 (semver) Affected: 7.19.0 , ≤ 7.19.0 (semver) Affected: 7.18.2 , ≤ 7.18.2 (semver) Affected: 7.18.1 , ≤ 7.18.1 (semver) Affected: 7.18.0 , ≤ 7.18.0 (semver) Affected: 7.17.1 , ≤ 7.17.1 (semver) Affected: 7.17.0 , ≤ 7.17.0 (semver) Affected: 7.16.4 , ≤ 7.16.4 (semver) Affected: 7.16.3 , ≤ 7.16.3 (semver) Affected: 7.16.2 , ≤ 7.16.2 (semver) Affected: 7.16.1 , ≤ 7.16.1 (semver) Affected: 7.16.0 , ≤ 7.16.0 (semver) Affected: 7.15.5 , ≤ 7.15.5 (semver) Affected: 7.15.4 , ≤ 7.15.4 (semver) Affected: 7.15.3 , ≤ 7.15.3 (semver) Affected: 7.15.2 , ≤ 7.15.2 (semver) Affected: 7.15.1 , ≤ 7.15.1 (semver) Affected: 7.15.0 , ≤ 7.15.0 (semver) Affected: 7.14.1 , ≤ 7.14.1 (semver) Affected: 7.14.0 , ≤ 7.14.0 (semver) Affected: 7.13.2 , ≤ 7.13.2 (semver) Affected: 7.13.1 , ≤ 7.13.1 (semver) Affected: 7.13.0 , ≤ 7.13.0 (semver) Affected: 7.12.3 , ≤ 7.12.3 (semver) Affected: 7.12.2 , ≤ 7.12.2 (semver) Affected: 7.12.1 , ≤ 7.12.1 (semver) Affected: 7.12.0 , ≤ 7.12.0 (semver) Affected: 7.11.2 , ≤ 7.11.2 (semver) Affected: 7.11.1 , ≤ 7.11.1 (semver) Affected: 7.11.0 , ≤ 7.11.0 (semver) Affected: 7.10.8 , ≤ 7.10.8 (semver) Affected: 7.10.7 , ≤ 7.10.7 (semver) Affected: 7.10.6 , ≤ 7.10.6 (semver) Affected: 7.10.5 , ≤ 7.10.5 (semver) |
Credits
z2_
Daniel Stenberg
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-06-12T16:04:29.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/05/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/06/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/06/4"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250306-0009/"
},
{
"url": "https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-0725",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T14:33:50.737849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T14:34:15.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "curl",
"vendor": "curl",
"versions": [
{
"lessThanOrEqual": "8.11.1",
"status": "affected",
"version": "8.11.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.11.0",
"status": "affected",
"version": "8.11.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.1",
"status": "affected",
"version": "8.10.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0",
"status": "affected",
"version": "8.10.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.9.1",
"status": "affected",
"version": "8.9.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "8.9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.8.0",
"status": "affected",
"version": "8.8.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.7.1",
"status": "affected",
"version": "8.7.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.7.0",
"status": "affected",
"version": "8.7.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.6.0",
"status": "affected",
"version": "8.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.5.0",
"status": "affected",
"version": "8.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.4.0",
"status": "affected",
"version": "8.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.3.0",
"status": "affected",
"version": "8.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.2.1",
"status": "affected",
"version": "8.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.2.0",
"status": "affected",
"version": "8.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.1.2",
"status": "affected",
"version": "8.1.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.1.1",
"status": "affected",
"version": "8.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.1.0",
"status": "affected",
"version": "8.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.0.1",
"status": "affected",
"version": "8.0.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.0.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.88.1",
"status": "affected",
"version": "7.88.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.88.0",
"status": "affected",
"version": "7.88.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.87.0",
"status": "affected",
"version": "7.87.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.86.0",
"status": "affected",
"version": "7.86.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.85.0",
"status": "affected",
"version": "7.85.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.84.0",
"status": "affected",
"version": "7.84.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.83.1",
"status": "affected",
"version": "7.83.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.83.0",
"status": "affected",
"version": "7.83.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.82.0",
"status": "affected",
"version": "7.82.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.81.0",
"status": "affected",
"version": "7.81.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.80.0",
"status": "affected",
"version": "7.80.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.79.1",
"status": "affected",
"version": "7.79.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.79.0",
"status": "affected",
"version": "7.79.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.78.0",
"status": "affected",
"version": "7.78.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.77.0",
"status": "affected",
"version": "7.77.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.76.1",
"status": "affected",
"version": "7.76.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.76.0",
"status": "affected",
"version": "7.76.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.75.0",
"status": "affected",
"version": "7.75.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.74.0",
"status": "affected",
"version": "7.74.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.73.0",
"status": "affected",
"version": "7.73.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.72.0",
"status": "affected",
"version": "7.72.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.71.1",
"status": "affected",
"version": "7.71.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.71.0",
"status": "affected",
"version": "7.71.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.70.0",
"status": "affected",
"version": "7.70.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.69.1",
"status": "affected",
"version": "7.69.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.69.0",
"status": "affected",
"version": "7.69.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.68.0",
"status": "affected",
"version": "7.68.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.67.0",
"status": "affected",
"version": "7.67.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.66.0",
"status": "affected",
"version": "7.66.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.65.3",
"status": "affected",
"version": "7.65.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.65.2",
"status": "affected",
"version": "7.65.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.65.1",
"status": "affected",
"version": "7.65.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.65.0",
"status": "affected",
"version": "7.65.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.64.1",
"status": "affected",
"version": "7.64.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.64.0",
"status": "affected",
"version": "7.64.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.63.0",
"status": "affected",
"version": "7.63.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.62.0",
"status": "affected",
"version": "7.62.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.61.1",
"status": "affected",
"version": "7.61.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.61.0",
"status": "affected",
"version": "7.61.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.60.0",
"status": "affected",
"version": "7.60.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.59.0",
"status": "affected",
"version": "7.59.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.58.0",
"status": "affected",
"version": "7.58.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.57.0",
"status": "affected",
"version": "7.57.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.56.1",
"status": "affected",
"version": "7.56.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.56.0",
"status": "affected",
"version": "7.56.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.55.1",
"status": "affected",
"version": "7.55.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.55.0",
"status": "affected",
"version": "7.55.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.54.1",
"status": "affected",
"version": "7.54.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.54.0",
"status": "affected",
"version": "7.54.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.53.1",
"status": "affected",
"version": "7.53.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.53.0",
"status": "affected",
"version": "7.53.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.52.1",
"status": "affected",
"version": "7.52.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.52.0",
"status": "affected",
"version": "7.52.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.51.0",
"status": "affected",
"version": "7.51.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.50.3",
"status": "affected",
"version": "7.50.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.50.2",
"status": "affected",
"version": "7.50.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.50.1",
"status": "affected",
"version": "7.50.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.50.0",
"status": "affected",
"version": "7.50.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.49.1",
"status": "affected",
"version": "7.49.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.49.0",
"status": "affected",
"version": "7.49.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.48.0",
"status": "affected",
"version": "7.48.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.47.1",
"status": "affected",
"version": "7.47.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.47.0",
"status": "affected",
"version": "7.47.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.46.0",
"status": "affected",
"version": "7.46.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.45.0",
"status": "affected",
"version": "7.45.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.44.0",
"status": "affected",
"version": "7.44.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.43.0",
"status": "affected",
"version": "7.43.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.42.1",
"status": "affected",
"version": "7.42.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.42.0",
"status": "affected",
"version": "7.42.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.41.0",
"status": "affected",
"version": "7.41.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.40.0",
"status": "affected",
"version": "7.40.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.39.0",
"status": "affected",
"version": "7.39.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.38.0",
"status": "affected",
"version": "7.38.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.37.1",
"status": "affected",
"version": "7.37.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.37.0",
"status": "affected",
"version": "7.37.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.36.0",
"status": "affected",
"version": "7.36.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.35.0",
"status": "affected",
"version": "7.35.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.34.0",
"status": "affected",
"version": "7.34.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.33.0",
"status": "affected",
"version": "7.33.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.32.0",
"status": "affected",
"version": "7.32.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.31.0",
"status": "affected",
"version": "7.31.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.30.0",
"status": "affected",
"version": "7.30.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.29.0",
"status": "affected",
"version": "7.29.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.28.1",
"status": "affected",
"version": "7.28.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.28.0",
"status": "affected",
"version": "7.28.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.27.0",
"status": "affected",
"version": "7.27.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.26.0",
"status": "affected",
"version": "7.26.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.25.0",
"status": "affected",
"version": "7.25.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.24.0",
"status": "affected",
"version": "7.24.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.23.1",
"status": "affected",
"version": "7.23.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.23.0",
"status": "affected",
"version": "7.23.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.22.0",
"status": "affected",
"version": "7.22.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.7",
"status": "affected",
"version": "7.21.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.6",
"status": "affected",
"version": "7.21.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.5",
"status": "affected",
"version": "7.21.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.4",
"status": "affected",
"version": "7.21.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.3",
"status": "affected",
"version": "7.21.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.2",
"status": "affected",
"version": "7.21.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.1",
"status": "affected",
"version": "7.21.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.0",
"status": "affected",
"version": "7.21.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.20.1",
"status": "affected",
"version": "7.20.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.20.0",
"status": "affected",
"version": "7.20.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.7",
"status": "affected",
"version": "7.19.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.6",
"status": "affected",
"version": "7.19.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.5",
"status": "affected",
"version": "7.19.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.4",
"status": "affected",
"version": "7.19.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.3",
"status": "affected",
"version": "7.19.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.2",
"status": "affected",
"version": "7.19.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.1",
"status": "affected",
"version": "7.19.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.0",
"status": "affected",
"version": "7.19.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.18.2",
"status": "affected",
"version": "7.18.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.18.1",
"status": "affected",
"version": "7.18.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.18.0",
"status": "affected",
"version": "7.18.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.17.1",
"status": "affected",
"version": "7.17.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.17.0",
"status": "affected",
"version": "7.17.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.4",
"status": "affected",
"version": "7.16.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.3",
"status": "affected",
"version": "7.16.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.2",
"status": "affected",
"version": "7.16.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.1",
"status": "affected",
"version": "7.16.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.0",
"status": "affected",
"version": "7.16.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.5",
"status": "affected",
"version": "7.15.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.4",
"status": "affected",
"version": "7.15.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.3",
"status": "affected",
"version": "7.15.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.2",
"status": "affected",
"version": "7.15.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.1",
"status": "affected",
"version": "7.15.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.0",
"status": "affected",
"version": "7.15.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.14.1",
"status": "affected",
"version": "7.14.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.14.0",
"status": "affected",
"version": "7.14.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.13.2",
"status": "affected",
"version": "7.13.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.13.1",
"status": "affected",
"version": "7.13.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.13.0",
"status": "affected",
"version": "7.13.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.12.3",
"status": "affected",
"version": "7.12.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.12.2",
"status": "affected",
"version": "7.12.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.12.1",
"status": "affected",
"version": "7.12.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.12.0",
"status": "affected",
"version": "7.12.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.11.2",
"status": "affected",
"version": "7.11.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.11.1",
"status": "affected",
"version": "7.11.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.11.0",
"status": "affected",
"version": "7.11.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.10.8",
"status": "affected",
"version": "7.10.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.10.7",
"status": "affected",
"version": "7.10.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.10.6",
"status": "affected",
"version": "7.10.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.10.5",
"status": "affected",
"version": "7.10.5",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "z2_"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Daniel Stenberg"
}
],
"descriptions": [
{
"lang": "en",
"value": "When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-680 Integer Overflow to Buffer Overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T09:18:20.468Z",
"orgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
"shortName": "curl"
},
"references": [
{
"name": "json",
"url": "https://curl.se/docs/CVE-2025-0725.json"
},
{
"name": "www",
"url": "https://curl.se/docs/CVE-2025-0725.html"
},
{
"name": "issue",
"url": "https://hackerone.com/reports/2956023"
}
],
"title": "gzip integer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
"assignerShortName": "curl",
"cveId": "CVE-2025-0725",
"datePublished": "2025-02-05T09:18:20.468Z",
"dateReserved": "2025-01-27T04:58:09.514Z",
"dateUpdated": "2025-06-12T16:04:29.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-0725",
"date": "2026-06-02",
"epss": "0.006",
"percentile": "0.69785"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-0725\",\"sourceIdentifier\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"published\":\"2025-02-05T10:15:22.980\",\"lastModified\":\"2025-06-27T19:24:08.327\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When libcurl is asked to perform automatic gzip decompression of\\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\\nmake libcurl perform a buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Cuando se le solicita a libcurl que realice una descompresi\u00f3n gzip autom\u00e1tica de respuestas HTTP codificadas con contenido con la opci\u00f3n `CURLOPT_ACCEPT_ENCODING`, **usando zlib 1.2.0.3 o anterior**, un desbordamiento de entero controlado por un atacante har\u00eda que libcurl realice un desbordamiento de b\u00fafer.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C93821CF-3117-4763-8163-DD49F6D2CA8E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:hci_h610s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"910D39ED-5E36-42F2-B824-E7F4A2ED0BD7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_h610s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33960CC8-DC73-4E15-8A19-686F5F528006\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:hci_h610c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9BC74D7-687D-46AA-862F-D755A3D1AA05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_h610c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"436851DF-1531-40CE-8C71-561978877E27\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:hci_h615c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AEAE936-CBDA-4C3A-B139-BE9C86EC6CB7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_h615c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D471C87E-D861-4AC7-9418-900858C5BF24\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire_\\\\\u0026_hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6D700C5-F67F-4FFB-BE69-D524592A3D2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire_\\\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D452B464-1200-4B72-9A89-42DC58486191\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.10.5\",\"versionEndExcluding\":\"8.12.0\",\"matchCriteriaId\":\"34EA884B-6BF6-4F00-B302-CA48450A28D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.10.5\",\"versionEndExcluding\":\"8.12.0\",\"matchCriteriaId\":\"00A479A7-7885-4086-A577-C2E7E95FEADA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.2.0.3\",\"matchCriteriaId\":\"5D0F980D-04BB-436F-BD57-D8626701839E\"}]}]}],\"references\":[{\"url\":\"https://curl.se/docs/CVE-2025-0725.html\",\"source\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://curl.se/docs/CVE-2025-0725.json\",\"source\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://hackerone.com/reports/2956023\",\"source\":\"2499f714-1537-4658-8207-48ae4bb9eae9\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/02/05/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/02/06/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/02/06/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20250306-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/02/05/3\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/02/06/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/02/06/4\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20250306-0009/\"}, {\"url\": \"https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7\"}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-06-12T16:04:29.956Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0725\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-05T14:33:50.737849Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-05T14:34:00.499Z\"}}], \"cna\": {\"title\": \"gzip integer overflow\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"z2_\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Daniel Stenberg\"}], \"affected\": [{\"vendor\": \"curl\", \"product\": \"curl\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.11.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.11.1\"}, {\"status\": \"affected\", \"version\": \"8.11.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.11.0\"}, {\"status\": \"affected\", \"version\": \"8.10.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.10.1\"}, {\"status\": \"affected\", \"version\": \"8.10.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.10.0\"}, {\"status\": \"affected\", \"version\": \"8.9.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.9.1\"}, {\"status\": \"affected\", \"version\": \"8.9.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.9.0\"}, {\"status\": \"affected\", \"version\": \"8.8.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.8.0\"}, {\"status\": \"affected\", \"version\": \"8.7.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.7.1\"}, {\"status\": \"affected\", \"version\": \"8.7.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.7.0\"}, {\"status\": \"affected\", \"version\": \"8.6.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.6.0\"}, {\"status\": \"affected\", \"version\": \"8.5.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.5.0\"}, {\"status\": \"affected\", \"version\": \"8.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.4.0\"}, {\"status\": \"affected\", \"version\": \"8.3.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.3.0\"}, {\"status\": \"affected\", \"version\": \"8.2.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.2.1\"}, {\"status\": \"affected\", \"version\": \"8.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.2.0\"}, {\"status\": \"affected\", \"version\": \"8.1.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.1.2\"}, {\"status\": \"affected\", \"version\": \"8.1.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.1.1\"}, {\"status\": \"affected\", \"version\": \"8.1.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.1.0\"}, {\"status\": \"affected\", \"version\": \"8.0.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.0.1\"}, {\"status\": \"affected\", \"version\": \"8.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.0.0\"}, {\"status\": \"affected\", \"version\": \"7.88.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.88.1\"}, {\"status\": \"affected\", \"version\": \"7.88.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.88.0\"}, {\"status\": \"affected\", \"version\": \"7.87.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.87.0\"}, {\"status\": \"affected\", \"version\": \"7.86.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.86.0\"}, {\"status\": \"affected\", \"version\": \"7.85.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.85.0\"}, {\"status\": \"affected\", \"version\": \"7.84.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.84.0\"}, {\"status\": \"affected\", \"version\": \"7.83.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.83.1\"}, {\"status\": \"affected\", \"version\": \"7.83.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.83.0\"}, {\"status\": \"affected\", \"version\": \"7.82.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.82.0\"}, {\"status\": \"affected\", \"version\": \"7.81.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.81.0\"}, {\"status\": \"affected\", \"version\": \"7.80.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.80.0\"}, {\"status\": \"affected\", \"version\": \"7.79.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.79.1\"}, {\"status\": \"affected\", \"version\": \"7.79.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.79.0\"}, {\"status\": \"affected\", \"version\": \"7.78.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.78.0\"}, {\"status\": \"affected\", \"version\": \"7.77.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.77.0\"}, {\"status\": \"affected\", \"version\": \"7.76.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.76.1\"}, {\"status\": \"affected\", \"version\": \"7.76.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.76.0\"}, {\"status\": \"affected\", \"version\": \"7.75.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.75.0\"}, {\"status\": \"affected\", \"version\": \"7.74.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.74.0\"}, {\"status\": \"affected\", \"version\": \"7.73.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.73.0\"}, {\"status\": \"affected\", \"version\": \"7.72.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.72.0\"}, {\"status\": \"affected\", \"version\": \"7.71.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.71.1\"}, {\"status\": \"affected\", \"version\": \"7.71.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.71.0\"}, {\"status\": \"affected\", \"version\": \"7.70.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.70.0\"}, {\"status\": \"affected\", \"version\": \"7.69.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.69.1\"}, {\"status\": \"affected\", \"version\": \"7.69.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.69.0\"}, {\"status\": \"affected\", \"version\": \"7.68.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.68.0\"}, {\"status\": \"affected\", \"version\": \"7.67.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.67.0\"}, {\"status\": \"affected\", \"version\": \"7.66.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.66.0\"}, {\"status\": \"affected\", \"version\": \"7.65.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.65.3\"}, {\"status\": \"affected\", \"version\": \"7.65.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.65.2\"}, {\"status\": \"affected\", \"version\": \"7.65.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.65.1\"}, {\"status\": \"affected\", \"version\": \"7.65.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.65.0\"}, {\"status\": \"affected\", \"version\": \"7.64.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.64.1\"}, {\"status\": \"affected\", \"version\": \"7.64.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.64.0\"}, {\"status\": \"affected\", \"version\": \"7.63.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.63.0\"}, {\"status\": \"affected\", \"version\": \"7.62.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.62.0\"}, {\"status\": \"affected\", \"version\": \"7.61.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.61.1\"}, {\"status\": \"affected\", \"version\": \"7.61.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.61.0\"}, {\"status\": \"affected\", \"version\": \"7.60.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.60.0\"}, {\"status\": \"affected\", \"version\": \"7.59.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.59.0\"}, {\"status\": \"affected\", \"version\": \"7.58.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.58.0\"}, {\"status\": \"affected\", \"version\": \"7.57.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.57.0\"}, {\"status\": \"affected\", \"version\": \"7.56.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.56.1\"}, {\"status\": \"affected\", \"version\": \"7.56.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.56.0\"}, {\"status\": \"affected\", \"version\": \"7.55.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.55.1\"}, {\"status\": \"affected\", \"version\": \"7.55.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.55.0\"}, {\"status\": \"affected\", \"version\": \"7.54.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.54.1\"}, {\"status\": \"affected\", \"version\": \"7.54.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.54.0\"}, {\"status\": \"affected\", \"version\": \"7.53.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.53.1\"}, {\"status\": \"affected\", \"version\": \"7.53.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.53.0\"}, {\"status\": \"affected\", \"version\": \"7.52.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.52.1\"}, {\"status\": \"affected\", \"version\": \"7.52.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.52.0\"}, {\"status\": \"affected\", \"version\": \"7.51.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.51.0\"}, {\"status\": \"affected\", \"version\": \"7.50.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.50.3\"}, {\"status\": \"affected\", \"version\": \"7.50.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.50.2\"}, {\"status\": \"affected\", \"version\": \"7.50.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.50.1\"}, {\"status\": \"affected\", \"version\": \"7.50.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.50.0\"}, {\"status\": \"affected\", \"version\": \"7.49.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.49.1\"}, {\"status\": \"affected\", \"version\": \"7.49.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.49.0\"}, {\"status\": \"affected\", \"version\": \"7.48.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.48.0\"}, {\"status\": \"affected\", \"version\": \"7.47.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.47.1\"}, {\"status\": \"affected\", \"version\": \"7.47.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.47.0\"}, {\"status\": \"affected\", \"version\": \"7.46.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.46.0\"}, {\"status\": \"affected\", \"version\": \"7.45.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.45.0\"}, {\"status\": \"affected\", \"version\": \"7.44.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.44.0\"}, {\"status\": \"affected\", \"version\": \"7.43.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.43.0\"}, {\"status\": \"affected\", \"version\": \"7.42.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.42.1\"}, {\"status\": \"affected\", \"version\": \"7.42.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.42.0\"}, {\"status\": \"affected\", \"version\": \"7.41.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.41.0\"}, {\"status\": \"affected\", \"version\": \"7.40.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.40.0\"}, {\"status\": \"affected\", \"version\": \"7.39.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.39.0\"}, {\"status\": \"affected\", \"version\": \"7.38.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.38.0\"}, {\"status\": \"affected\", \"version\": \"7.37.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.37.1\"}, {\"status\": \"affected\", \"version\": \"7.37.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.37.0\"}, {\"status\": \"affected\", \"version\": \"7.36.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.36.0\"}, {\"status\": \"affected\", \"version\": \"7.35.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.35.0\"}, {\"status\": \"affected\", \"version\": \"7.34.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.34.0\"}, {\"status\": \"affected\", \"version\": \"7.33.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.33.0\"}, {\"status\": \"affected\", \"version\": \"7.32.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.32.0\"}, {\"status\": \"affected\", \"version\": \"7.31.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.31.0\"}, {\"status\": \"affected\", \"version\": \"7.30.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.30.0\"}, {\"status\": \"affected\", \"version\": \"7.29.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.29.0\"}, {\"status\": \"affected\", \"version\": \"7.28.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.28.1\"}, {\"status\": \"affected\", \"version\": \"7.28.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.28.0\"}, {\"status\": \"affected\", \"version\": \"7.27.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.27.0\"}, {\"status\": \"affected\", \"version\": \"7.26.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.26.0\"}, {\"status\": \"affected\", \"version\": \"7.25.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.25.0\"}, {\"status\": \"affected\", \"version\": \"7.24.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.24.0\"}, {\"status\": \"affected\", \"version\": \"7.23.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.23.1\"}, {\"status\": \"affected\", \"version\": \"7.23.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.23.0\"}, {\"status\": \"affected\", \"version\": \"7.22.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.22.0\"}, {\"status\": \"affected\", \"version\": \"7.21.7\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.21.7\"}, {\"status\": \"affected\", \"version\": \"7.21.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.21.6\"}, {\"status\": \"affected\", \"version\": \"7.21.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.21.5\"}, {\"status\": \"affected\", \"version\": \"7.21.4\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.21.4\"}, {\"status\": \"affected\", \"version\": \"7.21.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.21.3\"}, {\"status\": \"affected\", \"version\": \"7.21.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.21.2\"}, {\"status\": \"affected\", \"version\": \"7.21.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.21.1\"}, {\"status\": \"affected\", \"version\": \"7.21.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.21.0\"}, {\"status\": \"affected\", \"version\": \"7.20.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.20.1\"}, {\"status\": \"affected\", \"version\": \"7.20.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.20.0\"}, {\"status\": \"affected\", \"version\": \"7.19.7\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.19.7\"}, {\"status\": \"affected\", \"version\": \"7.19.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.19.6\"}, {\"status\": \"affected\", \"version\": \"7.19.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.19.5\"}, {\"status\": \"affected\", \"version\": \"7.19.4\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.19.4\"}, {\"status\": \"affected\", \"version\": \"7.19.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.19.3\"}, {\"status\": \"affected\", \"version\": \"7.19.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.19.2\"}, {\"status\": \"affected\", \"version\": \"7.19.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.19.1\"}, {\"status\": \"affected\", \"version\": \"7.19.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.19.0\"}, {\"status\": \"affected\", \"version\": \"7.18.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.18.2\"}, {\"status\": \"affected\", \"version\": \"7.18.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.18.1\"}, {\"status\": \"affected\", \"version\": \"7.18.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.18.0\"}, {\"status\": \"affected\", \"version\": \"7.17.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.17.1\"}, {\"status\": \"affected\", \"version\": \"7.17.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.17.0\"}, {\"status\": \"affected\", \"version\": \"7.16.4\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.16.4\"}, {\"status\": \"affected\", \"version\": \"7.16.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.16.3\"}, {\"status\": \"affected\", \"version\": \"7.16.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.16.2\"}, {\"status\": \"affected\", \"version\": \"7.16.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.16.1\"}, {\"status\": \"affected\", \"version\": \"7.16.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.16.0\"}, {\"status\": \"affected\", \"version\": \"7.15.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.15.5\"}, {\"status\": \"affected\", \"version\": \"7.15.4\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.15.4\"}, {\"status\": \"affected\", \"version\": \"7.15.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.15.3\"}, {\"status\": \"affected\", \"version\": \"7.15.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.15.2\"}, {\"status\": \"affected\", \"version\": \"7.15.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.15.1\"}, {\"status\": \"affected\", \"version\": \"7.15.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.15.0\"}, {\"status\": \"affected\", \"version\": \"7.14.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.14.1\"}, {\"status\": \"affected\", \"version\": \"7.14.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.14.0\"}, {\"status\": \"affected\", \"version\": \"7.13.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.13.2\"}, {\"status\": \"affected\", \"version\": \"7.13.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.13.1\"}, {\"status\": \"affected\", \"version\": \"7.13.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.13.0\"}, {\"status\": \"affected\", \"version\": \"7.12.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.12.3\"}, {\"status\": \"affected\", \"version\": \"7.12.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.12.2\"}, {\"status\": \"affected\", \"version\": \"7.12.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.12.1\"}, {\"status\": \"affected\", \"version\": \"7.12.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.12.0\"}, {\"status\": \"affected\", \"version\": \"7.11.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.11.2\"}, {\"status\": \"affected\", \"version\": \"7.11.1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.11.1\"}, {\"status\": \"affected\", \"version\": \"7.11.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.11.0\"}, {\"status\": \"affected\", \"version\": \"7.10.8\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.10.8\"}, {\"status\": \"affected\", \"version\": \"7.10.7\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.10.7\"}, {\"status\": \"affected\", \"version\": \"7.10.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.10.6\"}, {\"status\": \"affected\", \"version\": \"7.10.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.10.5\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://curl.se/docs/CVE-2025-0725.json\", \"name\": \"json\"}, {\"url\": \"https://curl.se/docs/CVE-2025-0725.html\", \"name\": \"www\"}, {\"url\": \"https://hackerone.com/reports/2956023\", \"name\": \"issue\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"When libcurl is asked to perform automatic gzip decompression of\\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\\nmake libcurl perform a buffer overflow.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-680 Integer Overflow to Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"2499f714-1537-4658-8207-48ae4bb9eae9\", \"shortName\": \"curl\", \"dateUpdated\": \"2025-02-05T09:18:20.468Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-0725\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-12T16:04:29.956Z\", \"dateReserved\": \"2025-01-27T04:58:09.514Z\", \"assignerOrgId\": \"2499f714-1537-4658-8207-48ae4bb9eae9\", \"datePublished\": \"2025-02-05T09:18:20.468Z\", \"assignerShortName\": \"curl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2025:0370-1
Vulnerability from csaf_suse - Published: 2025-02-05 15:34 - Updated: 2025-02-05 15:34Summary
Security update for curl
Severity
Moderate
Notes
Title of the patch: Security update for curl
Description of the patch: This update for curl fixes the following issues:
- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)
Patchnames: SUSE-2025-370,SUSE-SLE-INSTALLER-15-SP4-2025-370,SUSE-SLE-INSTALLER-15-SP5-2025-370,SUSE-SLE-Micro-5.3-2025-370,SUSE-SLE-Micro-5.4-2025-370,SUSE-SLE-Micro-5.5-2025-370,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-370,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-370,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-370,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-370,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-370,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-370,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-370
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for curl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for curl fixes the following issues:\n\n- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)\n- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-370,SUSE-SLE-INSTALLER-15-SP4-2025-370,SUSE-SLE-INSTALLER-15-SP5-2025-370,SUSE-SLE-Micro-5.3-2025-370,SUSE-SLE-Micro-5.4-2025-370,SUSE-SLE-Micro-5.5-2025-370,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-370,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-370,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-370,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-370,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-370,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-370,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-370",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0370-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0370-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250370-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0370-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2ECCI3BAXLHLUGPYD4ZUE4JHXTHZWYAK/"
},
{
"category": "self",
"summary": "SUSE Bug 1236588",
"url": "https://bugzilla.suse.com/1236588"
},
{
"category": "self",
"summary": "SUSE Bug 1236590",
"url": "https://bugzilla.suse.com/1236590"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0167 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0725/"
}
],
"title": "Security update for curl",
"tracking": {
"current_release_date": "2025-02-05T15:34:43Z",
"generator": {
"date": "2025-02-05T15:34:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0370-1",
"initial_release_date": "2025-02-05T15:34:43Z",
"revision_history": [
{
"date": "2025-02-05T15:34:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-150400.5.62.1.aarch64",
"product": {
"name": "curl-8.0.1-150400.5.62.1.aarch64",
"product_id": "curl-8.0.1-150400.5.62.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"product": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"product_id": "libcurl-devel-8.0.1-150400.5.62.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"product": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"product_id": "libcurl4-8.0.1-150400.5.62.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-64bit-8.0.1-150400.5.62.1.aarch64_ilp32",
"product": {
"name": "libcurl-devel-64bit-8.0.1-150400.5.62.1.aarch64_ilp32",
"product_id": "libcurl-devel-64bit-8.0.1-150400.5.62.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libcurl4-64bit-8.0.1-150400.5.62.1.aarch64_ilp32",
"product": {
"name": "libcurl4-64bit-8.0.1-150400.5.62.1.aarch64_ilp32",
"product_id": "libcurl4-64bit-8.0.1-150400.5.62.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-150400.5.62.1.i586",
"product": {
"name": "curl-8.0.1-150400.5.62.1.i586",
"product_id": "curl-8.0.1-150400.5.62.1.i586"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-150400.5.62.1.i586",
"product": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.i586",
"product_id": "libcurl-devel-8.0.1-150400.5.62.1.i586"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-150400.5.62.1.i586",
"product": {
"name": "libcurl4-8.0.1-150400.5.62.1.i586",
"product_id": "libcurl4-8.0.1-150400.5.62.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-150400.5.62.1.ppc64le",
"product": {
"name": "curl-8.0.1-150400.5.62.1.ppc64le",
"product_id": "curl-8.0.1-150400.5.62.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"product": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"product_id": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-150400.5.62.1.ppc64le",
"product": {
"name": "libcurl4-8.0.1-150400.5.62.1.ppc64le",
"product_id": "libcurl4-8.0.1-150400.5.62.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-150400.5.62.1.s390x",
"product": {
"name": "curl-8.0.1-150400.5.62.1.s390x",
"product_id": "curl-8.0.1-150400.5.62.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-150400.5.62.1.s390x",
"product": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.s390x",
"product_id": "libcurl-devel-8.0.1-150400.5.62.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-150400.5.62.1.s390x",
"product": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x",
"product_id": "libcurl4-8.0.1-150400.5.62.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-150400.5.62.1.x86_64",
"product": {
"name": "curl-8.0.1-150400.5.62.1.x86_64",
"product_id": "curl-8.0.1-150400.5.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"product": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"product_id": "libcurl-devel-8.0.1-150400.5.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-32bit-8.0.1-150400.5.62.1.x86_64",
"product": {
"name": "libcurl-devel-32bit-8.0.1-150400.5.62.1.x86_64",
"product_id": "libcurl-devel-32bit-8.0.1-150400.5.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"product": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"product_id": "libcurl4-8.0.1-150400.5.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"product": {
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"product_id": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Installer Updates 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Installer Updates 15 SP4",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP4"
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Installer Updates 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Installer Updates 15 SP5",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP5"
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Installer Updates 15 SP4",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Installer Updates 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Installer Updates 15 SP4",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Installer Updates 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Installer Updates 15 SP4",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Installer Updates 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Installer Updates 15 SP4",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Installer Updates 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Installer Updates 15 SP5",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Installer Updates 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Installer Updates 15 SP5",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Installer Updates 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Installer Updates 15 SP5",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Installer Updates 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Installer Updates 15 SP5",
"product_id": "SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Installer Updates 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "curl-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "curl-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "curl-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "curl-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "curl-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "curl-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "curl-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "curl-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "curl-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "curl-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-150400.5.62.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "curl-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-150400.5.62.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-150400.5.62.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0167"
}
],
"notes": [
{
"category": "general",
"text": "When asked to use a `.netrc` file for credentials **and** to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has a `default` entry that\nomits both login and password. A rare circumstance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0167",
"url": "https://www.suse.com/security/cve/CVE-2025-0167"
},
{
"category": "external",
"summary": "SUSE Bug 1234068 for CVE-2025-0167",
"url": "https://bugzilla.suse.com/1234068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-05T15:34:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-0167"
},
{
"cve": "CVE-2025-0725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0725"
}
],
"notes": [
{
"category": "general",
"text": "When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0725",
"url": "https://www.suse.com/security/cve/CVE-2025-0725"
},
{
"category": "external",
"summary": "SUSE Bug 1236590 for CVE-2025-0725",
"url": "https://bugzilla.suse.com/1236590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Installer Updates 15 SP5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libcurl4-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:curl-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl-devel-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-32bit-8.0.1-150400.5.62.1.x86_64",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.ppc64le",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.s390x",
"SUSE Manager Server 4.3:libcurl4-8.0.1-150400.5.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-05T15:34:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-0725"
}
]
}
SUSE-SU-2025:0371-1
Vulnerability from csaf_suse - Published: 2025-02-05 15:34 - Updated: 2025-02-05 15:34Summary
Security update for curl
Severity
Moderate
Notes
Title of the patch: Security update for curl
Description of the patch: This update for curl fixes the following issues:
- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)
Patchnames: SUSE-2025-371,SUSE-SLE-SERVER-12-SP5-LTSS-2025-371,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-371
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for curl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for curl fixes the following issues:\n\n- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)\n- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-371,SUSE-SLE-SERVER-12-SP5-LTSS-2025-371,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-371",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0371-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0371-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250371-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0371-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020276.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236588",
"url": "https://bugzilla.suse.com/1236588"
},
{
"category": "self",
"summary": "SUSE Bug 1236590",
"url": "https://bugzilla.suse.com/1236590"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0167 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0725/"
}
],
"title": "Security update for curl",
"tracking": {
"current_release_date": "2025-02-05T15:34:55Z",
"generator": {
"date": "2025-02-05T15:34:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0371-1",
"initial_release_date": "2025-02-05T15:34:55Z",
"revision_history": [
{
"date": "2025-02-05T15:34:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-11.105.1.aarch64",
"product": {
"name": "curl-8.0.1-11.105.1.aarch64",
"product_id": "curl-8.0.1-11.105.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-11.105.1.aarch64",
"product": {
"name": "libcurl-devel-8.0.1-11.105.1.aarch64",
"product_id": "libcurl-devel-8.0.1-11.105.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-11.105.1.aarch64",
"product": {
"name": "libcurl4-8.0.1-11.105.1.aarch64",
"product_id": "libcurl4-8.0.1-11.105.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-64bit-8.0.1-11.105.1.aarch64_ilp32",
"product": {
"name": "libcurl-devel-64bit-8.0.1-11.105.1.aarch64_ilp32",
"product_id": "libcurl-devel-64bit-8.0.1-11.105.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libcurl4-64bit-8.0.1-11.105.1.aarch64_ilp32",
"product": {
"name": "libcurl4-64bit-8.0.1-11.105.1.aarch64_ilp32",
"product_id": "libcurl4-64bit-8.0.1-11.105.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-11.105.1.i586",
"product": {
"name": "curl-8.0.1-11.105.1.i586",
"product_id": "curl-8.0.1-11.105.1.i586"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-11.105.1.i586",
"product": {
"name": "libcurl-devel-8.0.1-11.105.1.i586",
"product_id": "libcurl-devel-8.0.1-11.105.1.i586"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-11.105.1.i586",
"product": {
"name": "libcurl4-8.0.1-11.105.1.i586",
"product_id": "libcurl4-8.0.1-11.105.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-11.105.1.ppc64le",
"product": {
"name": "curl-8.0.1-11.105.1.ppc64le",
"product_id": "curl-8.0.1-11.105.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-11.105.1.ppc64le",
"product": {
"name": "libcurl-devel-8.0.1-11.105.1.ppc64le",
"product_id": "libcurl-devel-8.0.1-11.105.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-11.105.1.ppc64le",
"product": {
"name": "libcurl4-8.0.1-11.105.1.ppc64le",
"product_id": "libcurl4-8.0.1-11.105.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-11.105.1.s390",
"product": {
"name": "curl-8.0.1-11.105.1.s390",
"product_id": "curl-8.0.1-11.105.1.s390"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-11.105.1.s390",
"product": {
"name": "libcurl-devel-8.0.1-11.105.1.s390",
"product_id": "libcurl-devel-8.0.1-11.105.1.s390"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-11.105.1.s390",
"product": {
"name": "libcurl4-8.0.1-11.105.1.s390",
"product_id": "libcurl4-8.0.1-11.105.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-11.105.1.s390x",
"product": {
"name": "curl-8.0.1-11.105.1.s390x",
"product_id": "curl-8.0.1-11.105.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-11.105.1.s390x",
"product": {
"name": "libcurl-devel-8.0.1-11.105.1.s390x",
"product_id": "libcurl-devel-8.0.1-11.105.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl-devel-32bit-8.0.1-11.105.1.s390x",
"product": {
"name": "libcurl-devel-32bit-8.0.1-11.105.1.s390x",
"product_id": "libcurl-devel-32bit-8.0.1-11.105.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-11.105.1.s390x",
"product": {
"name": "libcurl4-8.0.1-11.105.1.s390x",
"product_id": "libcurl4-8.0.1-11.105.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl4-32bit-8.0.1-11.105.1.s390x",
"product": {
"name": "libcurl4-32bit-8.0.1-11.105.1.s390x",
"product_id": "libcurl4-32bit-8.0.1-11.105.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.0.1-11.105.1.x86_64",
"product": {
"name": "curl-8.0.1-11.105.1.x86_64",
"product_id": "curl-8.0.1-11.105.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-8.0.1-11.105.1.x86_64",
"product": {
"name": "libcurl-devel-8.0.1-11.105.1.x86_64",
"product_id": "libcurl-devel-8.0.1-11.105.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-32bit-8.0.1-11.105.1.x86_64",
"product": {
"name": "libcurl-devel-32bit-8.0.1-11.105.1.x86_64",
"product_id": "libcurl-devel-32bit-8.0.1-11.105.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl4-8.0.1-11.105.1.x86_64",
"product": {
"name": "libcurl4-8.0.1-11.105.1.x86_64",
"product_id": "libcurl4-8.0.1-11.105.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl4-32bit-8.0.1-11.105.1.x86_64",
"product": {
"name": "libcurl4-32bit-8.0.1-11.105.1.x86_64",
"product_id": "libcurl4-32bit-8.0.1-11.105.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-11.105.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64"
},
"product_reference": "curl-8.0.1-11.105.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-11.105.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le"
},
"product_reference": "curl-8.0.1-11.105.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-11.105.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x"
},
"product_reference": "curl-8.0.1-11.105.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-11.105.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64"
},
"product_reference": "curl-8.0.1-11.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-11.105.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64"
},
"product_reference": "libcurl-devel-8.0.1-11.105.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-11.105.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le"
},
"product_reference": "libcurl-devel-8.0.1-11.105.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-11.105.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x"
},
"product_reference": "libcurl-devel-8.0.1-11.105.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-11.105.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-11.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-11.105.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64"
},
"product_reference": "libcurl4-8.0.1-11.105.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-11.105.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le"
},
"product_reference": "libcurl4-8.0.1-11.105.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-11.105.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x"
},
"product_reference": "libcurl4-8.0.1-11.105.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-11.105.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-11.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-11.105.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x"
},
"product_reference": "libcurl4-32bit-8.0.1-11.105.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-11.105.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-11.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.0.1-11.105.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64"
},
"product_reference": "curl-8.0.1-11.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-8.0.1-11.105.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64"
},
"product_reference": "libcurl-devel-8.0.1-11.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.0.1-11.105.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64"
},
"product_reference": "libcurl4-8.0.1-11.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-8.0.1-11.105.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64"
},
"product_reference": "libcurl4-32bit-8.0.1-11.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0167"
}
],
"notes": [
{
"category": "general",
"text": "When asked to use a `.netrc` file for credentials **and** to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has a `default` entry that\nomits both login and password. A rare circumstance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0167",
"url": "https://www.suse.com/security/cve/CVE-2025-0167"
},
{
"category": "external",
"summary": "SUSE Bug 1234068 for CVE-2025-0167",
"url": "https://bugzilla.suse.com/1234068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-05T15:34:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-0167"
},
{
"cve": "CVE-2025-0725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0725"
}
],
"notes": [
{
"category": "general",
"text": "When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0725",
"url": "https://www.suse.com/security/cve/CVE-2025-0725"
},
{
"category": "external",
"summary": "SUSE Bug 1236590 for CVE-2025-0725",
"url": "https://bugzilla.suse.com/1236590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libcurl4-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-8.0.1-11.105.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-05T15:34:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-0725"
}
]
}
SUSE-SU-2025:0372-1
Vulnerability from csaf_suse - Published: 2025-02-05 15:36 - Updated: 2025-02-05 15:36Summary
Security update for curl
Severity
Moderate
Notes
Title of the patch: Security update for curl
Description of the patch: This update for curl fixes the following issues:
- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)
Patchnames: SUSE-2025-372,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-372,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-372,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-372,SUSE-SUSE-MicroOS-5.1-2025-372,SUSE-SUSE-MicroOS-5.2-2025-372,SUSE-Storage-7.1-2025-372
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for curl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for curl fixes the following issues:\n\n- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)\n- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-372,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-372,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-372,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-372,SUSE-SUSE-MicroOS-5.1-2025-372,SUSE-SUSE-MicroOS-5.2-2025-372,SUSE-Storage-7.1-2025-372",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0372-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0372-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250372-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0372-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020275.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236588",
"url": "https://bugzilla.suse.com/1236588"
},
{
"category": "self",
"summary": "SUSE Bug 1236590",
"url": "https://bugzilla.suse.com/1236590"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0167 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0725/"
}
],
"title": "Security update for curl",
"tracking": {
"current_release_date": "2025-02-05T15:36:16Z",
"generator": {
"date": "2025-02-05T15:36:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0372-1",
"initial_release_date": "2025-02-05T15:36:16Z",
"revision_history": [
{
"date": "2025-02-05T15:36:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "curl-7.66.0-150200.4.84.1.aarch64",
"product": {
"name": "curl-7.66.0-150200.4.84.1.aarch64",
"product_id": "curl-7.66.0-150200.4.84.1.aarch64"
}
},
{
"category": "product_version",
"name": "curl-mini-7.66.0-150200.4.84.1.aarch64",
"product": {
"name": "curl-mini-7.66.0-150200.4.84.1.aarch64",
"product_id": "curl-mini-7.66.0-150200.4.84.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"product": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"product_id": "libcurl-devel-7.66.0-150200.4.84.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.aarch64",
"product": {
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.aarch64",
"product_id": "libcurl-mini-devel-7.66.0-150200.4.84.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl4-7.66.0-150200.4.84.1.aarch64",
"product": {
"name": "libcurl4-7.66.0-150200.4.84.1.aarch64",
"product_id": "libcurl4-7.66.0-150200.4.84.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl4-mini-7.66.0-150200.4.84.1.aarch64",
"product": {
"name": "libcurl4-mini-7.66.0-150200.4.84.1.aarch64",
"product_id": "libcurl4-mini-7.66.0-150200.4.84.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-64bit-7.66.0-150200.4.84.1.aarch64_ilp32",
"product": {
"name": "libcurl-devel-64bit-7.66.0-150200.4.84.1.aarch64_ilp32",
"product_id": "libcurl-devel-64bit-7.66.0-150200.4.84.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libcurl4-64bit-7.66.0-150200.4.84.1.aarch64_ilp32",
"product": {
"name": "libcurl4-64bit-7.66.0-150200.4.84.1.aarch64_ilp32",
"product_id": "libcurl4-64bit-7.66.0-150200.4.84.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-7.66.0-150200.4.84.1.i586",
"product": {
"name": "curl-7.66.0-150200.4.84.1.i586",
"product_id": "curl-7.66.0-150200.4.84.1.i586"
}
},
{
"category": "product_version",
"name": "curl-mini-7.66.0-150200.4.84.1.i586",
"product": {
"name": "curl-mini-7.66.0-150200.4.84.1.i586",
"product_id": "curl-mini-7.66.0-150200.4.84.1.i586"
}
},
{
"category": "product_version",
"name": "libcurl-devel-7.66.0-150200.4.84.1.i586",
"product": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.i586",
"product_id": "libcurl-devel-7.66.0-150200.4.84.1.i586"
}
},
{
"category": "product_version",
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.i586",
"product": {
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.i586",
"product_id": "libcurl-mini-devel-7.66.0-150200.4.84.1.i586"
}
},
{
"category": "product_version",
"name": "libcurl4-7.66.0-150200.4.84.1.i586",
"product": {
"name": "libcurl4-7.66.0-150200.4.84.1.i586",
"product_id": "libcurl4-7.66.0-150200.4.84.1.i586"
}
},
{
"category": "product_version",
"name": "libcurl4-mini-7.66.0-150200.4.84.1.i586",
"product": {
"name": "libcurl4-mini-7.66.0-150200.4.84.1.i586",
"product_id": "libcurl4-mini-7.66.0-150200.4.84.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-7.66.0-150200.4.84.1.ppc64le",
"product": {
"name": "curl-7.66.0-150200.4.84.1.ppc64le",
"product_id": "curl-7.66.0-150200.4.84.1.ppc64le"
}
},
{
"category": "product_version",
"name": "curl-mini-7.66.0-150200.4.84.1.ppc64le",
"product": {
"name": "curl-mini-7.66.0-150200.4.84.1.ppc64le",
"product_id": "curl-mini-7.66.0-150200.4.84.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"product": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"product_id": "libcurl-devel-7.66.0-150200.4.84.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.ppc64le",
"product": {
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.ppc64le",
"product_id": "libcurl-mini-devel-7.66.0-150200.4.84.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcurl4-7.66.0-150200.4.84.1.ppc64le",
"product": {
"name": "libcurl4-7.66.0-150200.4.84.1.ppc64le",
"product_id": "libcurl4-7.66.0-150200.4.84.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libcurl4-mini-7.66.0-150200.4.84.1.ppc64le",
"product": {
"name": "libcurl4-mini-7.66.0-150200.4.84.1.ppc64le",
"product_id": "libcurl4-mini-7.66.0-150200.4.84.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-7.66.0-150200.4.84.1.s390x",
"product": {
"name": "curl-7.66.0-150200.4.84.1.s390x",
"product_id": "curl-7.66.0-150200.4.84.1.s390x"
}
},
{
"category": "product_version",
"name": "curl-mini-7.66.0-150200.4.84.1.s390x",
"product": {
"name": "curl-mini-7.66.0-150200.4.84.1.s390x",
"product_id": "curl-mini-7.66.0-150200.4.84.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl-devel-7.66.0-150200.4.84.1.s390x",
"product": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.s390x",
"product_id": "libcurl-devel-7.66.0-150200.4.84.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.s390x",
"product": {
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.s390x",
"product_id": "libcurl-mini-devel-7.66.0-150200.4.84.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl4-7.66.0-150200.4.84.1.s390x",
"product": {
"name": "libcurl4-7.66.0-150200.4.84.1.s390x",
"product_id": "libcurl4-7.66.0-150200.4.84.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl4-mini-7.66.0-150200.4.84.1.s390x",
"product": {
"name": "libcurl4-mini-7.66.0-150200.4.84.1.s390x",
"product_id": "libcurl4-mini-7.66.0-150200.4.84.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-7.66.0-150200.4.84.1.x86_64",
"product": {
"name": "curl-7.66.0-150200.4.84.1.x86_64",
"product_id": "curl-7.66.0-150200.4.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "curl-mini-7.66.0-150200.4.84.1.x86_64",
"product": {
"name": "curl-mini-7.66.0-150200.4.84.1.x86_64",
"product_id": "curl-mini-7.66.0-150200.4.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"product": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"product_id": "libcurl-devel-7.66.0-150200.4.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl-devel-32bit-7.66.0-150200.4.84.1.x86_64",
"product": {
"name": "libcurl-devel-32bit-7.66.0-150200.4.84.1.x86_64",
"product_id": "libcurl-devel-32bit-7.66.0-150200.4.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.x86_64",
"product": {
"name": "libcurl-mini-devel-7.66.0-150200.4.84.1.x86_64",
"product_id": "libcurl-mini-devel-7.66.0-150200.4.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl4-7.66.0-150200.4.84.1.x86_64",
"product": {
"name": "libcurl4-7.66.0-150200.4.84.1.x86_64",
"product_id": "libcurl4-7.66.0-150200.4.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"product": {
"name": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"product_id": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl4-mini-7.66.0-150200.4.84.1.x86_64",
"product": {
"name": "libcurl4-mini-7.66.0-150200.4.84.1.x86_64",
"product_id": "libcurl4-mini-7.66.0-150200.4.84.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le"
},
"product_reference": "curl-7.66.0-150200.4.84.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x"
},
"product_reference": "curl-7.66.0-150200.4.84.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le"
},
"product_reference": "curl-7.66.0-150200.4.84.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x"
},
"product_reference": "curl-7.66.0-150200.4.84.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x"
},
"product_reference": "curl-7.66.0-150200.4.84.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-7.66.0-150200.4.84.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "curl-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-7.66.0-150200.4.84.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-7.66.0-150200.4.84.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64"
},
"product_reference": "libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0167"
}
],
"notes": [
{
"category": "general",
"text": "When asked to use a `.netrc` file for credentials **and** to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has a `default` entry that\nomits both login and password. A rare circumstance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0167",
"url": "https://www.suse.com/security/cve/CVE-2025-0167"
},
{
"category": "external",
"summary": "SUSE Bug 1234068 for CVE-2025-0167",
"url": "https://bugzilla.suse.com/1234068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-05T15:36:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-0167"
},
{
"cve": "CVE-2025-0725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0725"
}
],
"notes": [
{
"category": "general",
"text": "When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0725",
"url": "https://www.suse.com/security/cve/CVE-2025-0725"
},
{
"category": "external",
"summary": "SUSE Bug 1236590 for CVE-2025-0725",
"url": "https://bugzilla.suse.com/1236590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Enterprise Storage 7.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libcurl4-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:curl-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl-devel-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-32bit-7.66.0-150200.4.84.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libcurl4-7.66.0-150200.4.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-05T15:36:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-0725"
}
]
}
SUSE-SU-2025:20144-1
Vulnerability from csaf_suse - Published: 2025-03-12 10:47 - Updated: 2025-03-12 10:47Summary
Security update for curl
Severity
Moderate
Notes
Title of the patch: Security update for curl
Description of the patch: This update for curl fixes the following issues:
Security issues fixed:
- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)
Other issues fixed:
- Make sure the TLS handshake after a successful STARTTLS command
is fully done before further sending/receiving on the connection. (bsc#1235151)
Patchnames: SUSE-SLE-Micro-6.0-239
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for curl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for curl fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)\n- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)\n\nOther issues fixed:\n\n- Make sure the TLS handshake after a successful STARTTLS command\n is fully done before further sending/receiving on the connection. (bsc#1235151)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-239",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20144-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20144-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520144-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20144-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021193.html"
},
{
"category": "self",
"summary": "SUSE Bug 1235151",
"url": "https://bugzilla.suse.com/1235151"
},
{
"category": "self",
"summary": "SUSE Bug 1236588",
"url": "https://bugzilla.suse.com/1236588"
},
{
"category": "self",
"summary": "SUSE Bug 1236590",
"url": "https://bugzilla.suse.com/1236590"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0167 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0725/"
}
],
"title": "Security update for curl",
"tracking": {
"current_release_date": "2025-03-12T10:47:54Z",
"generator": {
"date": "2025-03-12T10:47:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20144-1",
"initial_release_date": "2025-03-12T10:47:54Z",
"revision_history": [
{
"date": "2025-03-12T10:47:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "curl-8.6.0-6.1.aarch64",
"product": {
"name": "curl-8.6.0-6.1.aarch64",
"product_id": "curl-8.6.0-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcurl4-8.6.0-6.1.aarch64",
"product": {
"name": "libcurl4-8.6.0-6.1.aarch64",
"product_id": "libcurl4-8.6.0-6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.6.0-6.1.s390x",
"product": {
"name": "curl-8.6.0-6.1.s390x",
"product_id": "curl-8.6.0-6.1.s390x"
}
},
{
"category": "product_version",
"name": "libcurl4-8.6.0-6.1.s390x",
"product": {
"name": "libcurl4-8.6.0-6.1.s390x",
"product_id": "libcurl4-8.6.0-6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-8.6.0-6.1.x86_64",
"product": {
"name": "curl-8.6.0-6.1.x86_64",
"product_id": "curl-8.6.0-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcurl4-8.6.0-6.1.x86_64",
"product": {
"name": "libcurl4-8.6.0-6.1.x86_64",
"product_id": "libcurl4-8.6.0-6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.6.0-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64"
},
"product_reference": "curl-8.6.0-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.6.0-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x"
},
"product_reference": "curl-8.6.0-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-8.6.0-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64"
},
"product_reference": "curl-8.6.0-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.6.0-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64"
},
"product_reference": "libcurl4-8.6.0-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.6.0-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x"
},
"product_reference": "libcurl4-8.6.0-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl4-8.6.0-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64"
},
"product_reference": "libcurl4-8.6.0-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0167"
}
],
"notes": [
{
"category": "general",
"text": "When asked to use a `.netrc` file for credentials **and** to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has a `default` entry that\nomits both login and password. A rare circumstance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0167",
"url": "https://www.suse.com/security/cve/CVE-2025-0167"
},
{
"category": "external",
"summary": "SUSE Bug 1234068 for CVE-2025-0167",
"url": "https://bugzilla.suse.com/1234068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-12T10:47:54Z",
"details": "moderate"
}
],
"title": "CVE-2025-0167"
},
{
"cve": "CVE-2025-0725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0725"
}
],
"notes": [
{
"category": "general",
"text": "When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0725",
"url": "https://www.suse.com/security/cve/CVE-2025-0725"
},
{
"category": "external",
"summary": "SUSE Bug 1236590 for CVE-2025-0725",
"url": "https://bugzilla.suse.com/1236590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:curl-8.6.0-6.1.x86_64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.aarch64",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.s390x",
"SUSE Linux Micro 6.0:libcurl4-8.6.0-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-12T10:47:54Z",
"details": "moderate"
}
],
"title": "CVE-2025-0725"
}
]
}
WID-SEC-W-2025-0270
Vulnerability from csaf_certbund - Published: 2025-02-04 23:00 - Updated: 2026-01-05 23:00Summary
cURL: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen und um nicht näher bekannte Auswirkungen zu erzielen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
Affected products
Known affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM AIX 7.3.1
IBM / AIX
|
cpe:/o:ibm:aix:7.3.1
|
7.3.1 | |
|
IBM AIX 7.3.2
IBM / AIX
|
cpe:/o:ibm:aix:7.3.2
|
7.3.2 | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
— | |
|
Open Source cURL 8.11.1
Open Source / cURL
|
cpe:/a:curl:curl:8.11.1
|
8.11.1 | |
|
Splunk Splunk Enterprise <9.2.8
Splunk / Splunk Enterprise
|
<9.2.8 | ||
|
IBM AIX 7.3.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3.3
|
7.3.3 | |
|
Splunk Splunk Enterprise <9.4.3
Splunk / Splunk Enterprise
|
<9.4.3 | ||
|
Dell NetWorker <19.12.0.4
Dell / NetWorker
|
<19.12.0.4 | ||
|
Dell PowerProtect Data Domain <7.13.1.40
Dell / PowerProtect Data Domain
|
<7.13.1.40 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Splunk Splunk Enterprise <9.2.7
Splunk / Splunk Enterprise
|
<9.2.7 | ||
|
Splunk Splunk Enterprise <9.3.5
Splunk / Splunk Enterprise
|
<9.3.5 | ||
|
Splunk Splunk Enterprise <9.4.4
Splunk / Splunk Enterprise
|
<9.4.4 | ||
|
Splunk Splunk Enterprise <9.1.10
Splunk / Splunk Enterprise
|
<9.1.10 | ||
|
Dell PowerProtect Data Domain <7.10.1.70
Dell / PowerProtect Data Domain
|
<7.10.1.70 | ||
|
Splunk Splunk Enterprise <9.3.6
Splunk / Splunk Enterprise
|
<9.3.6 | ||
|
Dell PowerProtect Data Domain <8.3.1.10
Dell / PowerProtect Data Domain
|
<8.3.1.10 | ||
|
Splunk Splunk Enterprise <10.0.1
Splunk / Splunk Enterprise
|
<10.0.1 | ||
|
Open Source cURL <8.12.0
Open Source / cURL
|
<8.12.0 | ||
|
Dell NetWorker <19.13.0.2
Dell / NetWorker
|
<19.13.0.2 | ||
|
Open Source cURL 7.76.0-8.11.1
Open Source / cURL
|
cpe:/a:curl:curl:7.76.0_-_8.11.1
|
7.76.0-8.11.1 | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <8.4.0.0
Dell / PowerProtect Data Domain
|
<8.4.0.0 | ||
|
Tenable Security Nessus Network Monitor <6.5.1
Tenable Security / Nessus Network Monitor
|
<6.5.1 | ||
|
Dell NetWorker <19.12.0.2
Dell / NetWorker
|
<19.12.0.2 | ||
|
Dell NetWorker <19.11.0.6
Dell / NetWorker
|
<19.11.0.6 | ||
|
Meinberg LANTIME <7.08.021
Meinberg / LANTIME
|
<7.08.021 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM AIX 7.3.1
IBM / AIX
|
cpe:/o:ibm:aix:7.3.1
|
7.3.1 | |
|
IBM AIX 7.3.2
IBM / AIX
|
cpe:/o:ibm:aix:7.3.2
|
7.3.2 | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
— | |
|
Open Source cURL 8.11.1
Open Source / cURL
|
cpe:/a:curl:curl:8.11.1
|
8.11.1 | |
|
Splunk Splunk Enterprise <9.2.8
Splunk / Splunk Enterprise
|
<9.2.8 | ||
|
IBM AIX 7.3.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3.3
|
7.3.3 | |
|
Splunk Splunk Enterprise <9.4.3
Splunk / Splunk Enterprise
|
<9.4.3 | ||
|
Dell NetWorker <19.12.0.4
Dell / NetWorker
|
<19.12.0.4 | ||
|
Dell PowerProtect Data Domain <7.13.1.40
Dell / PowerProtect Data Domain
|
<7.13.1.40 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Splunk Splunk Enterprise <9.2.7
Splunk / Splunk Enterprise
|
<9.2.7 | ||
|
Splunk Splunk Enterprise <9.3.5
Splunk / Splunk Enterprise
|
<9.3.5 | ||
|
Splunk Splunk Enterprise <9.4.4
Splunk / Splunk Enterprise
|
<9.4.4 | ||
|
Splunk Splunk Enterprise <9.1.10
Splunk / Splunk Enterprise
|
<9.1.10 | ||
|
Dell PowerProtect Data Domain <7.10.1.70
Dell / PowerProtect Data Domain
|
<7.10.1.70 | ||
|
Splunk Splunk Enterprise <9.3.6
Splunk / Splunk Enterprise
|
<9.3.6 | ||
|
Dell PowerProtect Data Domain <8.3.1.10
Dell / PowerProtect Data Domain
|
<8.3.1.10 | ||
|
Splunk Splunk Enterprise <10.0.1
Splunk / Splunk Enterprise
|
<10.0.1 | ||
|
Open Source cURL <8.12.0
Open Source / cURL
|
<8.12.0 | ||
|
Dell NetWorker <19.13.0.2
Dell / NetWorker
|
<19.13.0.2 | ||
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <8.4.0.0
Dell / PowerProtect Data Domain
|
<8.4.0.0 | ||
|
Tenable Security Nessus Network Monitor <6.5.1
Tenable Security / Nessus Network Monitor
|
<6.5.1 | ||
|
Dell NetWorker <19.12.0.2
Dell / NetWorker
|
<19.12.0.2 | ||
|
Dell NetWorker <19.11.0.6
Dell / NetWorker
|
<19.11.0.6 | ||
|
Meinberg LANTIME <7.08.021
Meinberg / LANTIME
|
<7.08.021 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM AIX 7.3.1
IBM / AIX
|
cpe:/o:ibm:aix:7.3.1
|
7.3.1 | |
|
IBM AIX 7.3.2
IBM / AIX
|
cpe:/o:ibm:aix:7.3.2
|
7.3.2 | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
— | |
|
Open Source cURL 8.11.1
Open Source / cURL
|
cpe:/a:curl:curl:8.11.1
|
8.11.1 | |
|
Splunk Splunk Enterprise <9.2.8
Splunk / Splunk Enterprise
|
<9.2.8 | ||
|
IBM AIX 7.3.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3.3
|
7.3.3 | |
|
Splunk Splunk Enterprise <9.4.3
Splunk / Splunk Enterprise
|
<9.4.3 | ||
|
Dell NetWorker <19.12.0.4
Dell / NetWorker
|
<19.12.0.4 | ||
|
Dell PowerProtect Data Domain <7.13.1.40
Dell / PowerProtect Data Domain
|
<7.13.1.40 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Splunk Splunk Enterprise <9.2.7
Splunk / Splunk Enterprise
|
<9.2.7 | ||
|
Splunk Splunk Enterprise <9.3.5
Splunk / Splunk Enterprise
|
<9.3.5 | ||
|
Splunk Splunk Enterprise <9.4.4
Splunk / Splunk Enterprise
|
<9.4.4 | ||
|
Splunk Splunk Enterprise <9.1.10
Splunk / Splunk Enterprise
|
<9.1.10 | ||
|
Dell PowerProtect Data Domain <7.10.1.70
Dell / PowerProtect Data Domain
|
<7.10.1.70 | ||
|
Splunk Splunk Enterprise <9.3.6
Splunk / Splunk Enterprise
|
<9.3.6 | ||
|
Dell PowerProtect Data Domain <8.3.1.10
Dell / PowerProtect Data Domain
|
<8.3.1.10 | ||
|
Splunk Splunk Enterprise <10.0.1
Splunk / Splunk Enterprise
|
<10.0.1 | ||
|
Open Source cURL <8.12.0
Open Source / cURL
|
<8.12.0 | ||
|
Dell NetWorker <19.13.0.2
Dell / NetWorker
|
<19.13.0.2 | ||
|
Open Source cURL 7.10.5-8.11.1
Open Source / cURL
|
cpe:/a:curl:curl:7.10.5_-_8.11.1
|
7.10.5-8.11.1 | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <8.4.0.0
Dell / PowerProtect Data Domain
|
<8.4.0.0 | ||
|
Tenable Security Nessus Network Monitor <6.5.1
Tenable Security / Nessus Network Monitor
|
<6.5.1 | ||
|
Dell NetWorker <19.12.0.2
Dell / NetWorker
|
<19.12.0.2 | ||
|
Dell NetWorker <19.11.0.6
Dell / NetWorker
|
<19.11.0.6 | ||
|
Meinberg LANTIME <7.08.021
Meinberg / LANTIME
|
<7.08.021 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
References
24 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren und um nicht n\u00e4her bekannte Auswirkungen zu erzielen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0270 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0270.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0270 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0270"
},
{
"category": "external",
"summary": "Project curl Security Advisory vom 2025-02-04",
"url": "https://curl.se/docs/CVE-2025-0167.html"
},
{
"category": "external",
"summary": "Project curl Security Advisory vom 2025-02-04",
"url": "https://curl.se/docs/CVE-2025-0665.html"
},
{
"category": "external",
"summary": "Project curl Security Advisory vom 2025-02-04",
"url": "https://curl.se/docs/CVE-2025-0725.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0371-1 vom 2025-02-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020276.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0372-1 vom 2025-02-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020275.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0369-1 vom 2025-02-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020278.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0370-1 vom 2025-02-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020277.html"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2025-10 vom 2025-05-22",
"url": "https://de.tenable.com/security/tns-2025-10"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-213 vom 2025-05-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000326299/dsa-2025-213-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-multiple-third-party-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20239-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021084.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20144-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021193.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7235621 vom 2025-06-04",
"url": "https://www.ibm.com/support/pages/node/7235621"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250306-0008 vom 2025-06-25",
"url": "https://security.netapp.com/advisory/NTAP-20250306-0008"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2025-0710 vom 2025-07-07",
"url": "https://advisory.splunk.com//advisories/SVD-2025-0710"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-262 vom 2025-08-01",
"url": "https://www.dell.com/support/kbdoc/000337955"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03198-1 vom 2025-09-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022523.html"
},
{
"category": "external",
"summary": "Dell Security Update vom 2025-10-02",
"url": "https://www.dell.com/support/kbdoc/000376224"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2025-1007 vom 2025-10-01",
"url": "https://advisory.splunk.com//advisories/SVD-2025-1007"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-390 vom 2025-11-05",
"url": "https://www.dell.com/support/kbdoc/000385230"
},
{
"category": "external",
"summary": "Meinberg Security Advisory MBGSA-2025.02 vom 2025-11-27",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2025-02-lantime-firmware-v7-08-021.htm"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-335 vom 2025-12-06",
"url": "https://www.dell.com/support/kbdoc/000400319"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-093 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-093.html"
}
],
"source_lang": "en-US",
"title": "cURL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-05T23:00:00.000+00:00",
"generator": {
"date": "2026-01-06T08:35:25.042+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-0270",
"initial_release_date": "2025-02-04T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-02-06T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-22T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Tenable aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-06-25T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-07-07T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-09-14T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Dell und Splunk-SVD aufgenommen"
},
{
"date": "2025-11-04T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-11-27T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Meinberg aufgenommen"
},
{
"date": "2025-12-07T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Avamar",
"product": {
"name": "Dell Avamar",
"product_id": "T039664",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.12.0.2",
"product": {
"name": "Dell NetWorker \u003c19.12.0.2",
"product_id": "T045790"
}
},
{
"category": "product_version",
"name": "19.12.0.2",
"product": {
"name": "Dell NetWorker 19.12.0.2",
"product_id": "T045790-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.12.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.11.0.6",
"product": {
"name": "Dell NetWorker \u003c19.11.0.6",
"product_id": "T045791"
}
},
{
"category": "product_version",
"name": "19.11.0.6",
"product": {
"name": "Dell NetWorker 19.11.0.6",
"product_id": "T045791-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.11.0.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.12.0.4",
"product": {
"name": "Dell NetWorker \u003c19.12.0.4",
"product_id": "T049169"
}
},
{
"category": "product_version",
"name": "19.12.0.4",
"product": {
"name": "Dell NetWorker 19.12.0.4",
"product_id": "T049169-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.12.0.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.13.0.2",
"product": {
"name": "Dell NetWorker \u003c19.13.0.2",
"product_id": "T049170"
}
},
{
"category": "product_version",
"name": "19.13.0.2",
"product": {
"name": "Dell NetWorker 19.13.0.2",
"product_id": "T049170-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.13.0.2"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.4.0.0",
"product_id": "T045879"
}
},
{
"category": "product_version",
"name": "8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.4.0.0",
"product_id": "T045879-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.4.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.70",
"product_id": "T045881"
}
},
{
"category": "product_version",
"name": "7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.70",
"product_id": "T045881-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.70"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.40",
"product_id": "T047343"
}
},
{
"category": "product_version",
"name": "7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.40",
"product_id": "T047343-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.3.1.10",
"product_id": "T047344"
}
},
{
"category": "product_version",
"name": "8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain 8.3.1.10",
"product_id": "T047344-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.3.1.10"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Appliance \u003c5.32.00.18",
"product": {
"name": "Dell Secure Connect Gateway Appliance \u003c5.32.00.18",
"product_id": "T048301"
}
},
{
"category": "product_version",
"name": "Appliance 5.32.00.18",
"product": {
"name": "Dell Secure Connect Gateway Appliance 5.32.00.18",
"product_id": "T048301-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:appliance__5.32.00.18"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3.1",
"product": {
"name": "IBM AIX 7.3.1",
"product_id": "T028363",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3.1"
}
}
},
{
"category": "product_version",
"name": "7.3.2",
"product": {
"name": "IBM AIX 7.3.2",
"product_id": "T031553",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3.2"
}
}
},
{
"category": "product_version",
"name": "7.3.3",
"product": {
"name": "IBM AIX 7.3.3",
"product_id": "T044339",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3.3"
}
}
}
],
"category": "product_name",
"name": "AIX"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.08.021",
"product": {
"name": "Meinberg LANTIME \u003c7.08.021",
"product_id": "T048942"
}
},
{
"category": "product_version",
"name": "7.08.021",
"product": {
"name": "Meinberg LANTIME 7.08.021",
"product_id": "T048942-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:7.08.021"
}
}
}
],
"category": "product_name",
"name": "LANTIME"
}
],
"category": "vendor",
"name": "Meinberg"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "NetApp Data ONTAP 9",
"product_id": "T039981",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:9"
}
}
}
],
"category": "product_name",
"name": "Data ONTAP"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8.11.1",
"product": {
"name": "Open Source cURL 8.11.1",
"product_id": "T039776",
"product_identification_helper": {
"cpe": "cpe:/a:curl:curl:8.11.1"
}
}
},
{
"category": "product_version",
"name": "7.76.0-8.11.1",
"product": {
"name": "Open Source cURL 7.76.0-8.11.1",
"product_id": "T040814",
"product_identification_helper": {
"cpe": "cpe:/a:curl:curl:7.76.0_-_8.11.1"
}
}
},
{
"category": "product_version",
"name": "7.10.5-8.11.1",
"product": {
"name": "Open Source cURL 7.10.5-8.11.1",
"product_id": "T040815",
"product_identification_helper": {
"cpe": "cpe:/a:curl:curl:7.10.5_-_8.11.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.12.0",
"product": {
"name": "Open Source cURL \u003c8.12.0",
"product_id": "T040816"
}
},
{
"category": "product_version",
"name": "8.12.0",
"product": {
"name": "Open Source cURL 8.12.0",
"product_id": "T040816-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:curl:curl:8.12.0"
}
}
}
],
"category": "product_name",
"name": "cURL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.4.3",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.3",
"product_id": "T045086"
}
},
{
"category": "product_version",
"name": "9.4.3",
"product": {
"name": "Splunk Splunk Enterprise 9.4.3",
"product_id": "T045086-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.5",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.5",
"product_id": "T045087"
}
},
{
"category": "product_version",
"name": "9.3.5",
"product": {
"name": "Splunk Splunk Enterprise 9.3.5",
"product_id": "T045087-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.7",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.7",
"product_id": "T045088"
}
},
{
"category": "product_version",
"name": "9.2.7",
"product": {
"name": "Splunk Splunk Enterprise 9.2.7",
"product_id": "T045088-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.10",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.10",
"product_id": "T045089"
}
},
{
"category": "product_version",
"name": "9.1.10",
"product": {
"name": "Splunk Splunk Enterprise 9.1.10",
"product_id": "T045089-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.1",
"product": {
"name": "Splunk Splunk Enterprise \u003c10.0.1",
"product_id": "T047323"
}
},
{
"category": "product_version",
"name": "10.0.1",
"product": {
"name": "Splunk Splunk Enterprise 10.0.1",
"product_id": "T047323-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:10.0.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.4",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.4",
"product_id": "T047324"
}
},
{
"category": "product_version",
"name": "9.4.4",
"product": {
"name": "Splunk Splunk Enterprise 9.4.4",
"product_id": "T047324-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.6",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.6",
"product_id": "T047325"
}
},
{
"category": "product_version",
"name": "9.3.6",
"product": {
"name": "Splunk Splunk Enterprise 9.3.6",
"product_id": "T047325-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.8",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.8",
"product_id": "T047326"
}
},
{
"category": "product_version",
"name": "9.2.8",
"product": {
"name": "Splunk Splunk Enterprise 9.2.8",
"product_id": "T047326-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.8"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.5.1",
"product": {
"name": "Tenable Security Nessus Network Monitor \u003c6.5.1",
"product_id": "T044107"
}
},
{
"category": "product_version",
"name": "6.5.1",
"product": {
"name": "Tenable Security Nessus Network Monitor 6.5.1",
"product_id": "T044107-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus_network_monitor:6.5.1"
}
}
}
],
"category": "product_name",
"name": "Nessus Network Monitor"
}
],
"category": "vendor",
"name": "Tenable Security"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0167",
"product_status": {
"known_affected": [
"T028363",
"T031553",
"T034583",
"T039776",
"T047326",
"T044339",
"T045086",
"T049169",
"T047343",
"398363",
"T045088",
"T045087",
"T047324",
"T045089",
"T045881",
"T047325",
"T047344",
"T047323",
"T040816",
"T049170",
"T040814",
"T039981",
"T039664",
"T002207",
"T045879",
"T044107",
"T045790",
"T045791",
"T048942",
"T048301"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-0167"
},
{
"cve": "CVE-2025-0665",
"product_status": {
"known_affected": [
"T028363",
"T031553",
"T034583",
"T039776",
"T047326",
"T044339",
"T045086",
"T049169",
"T047343",
"398363",
"T045088",
"T045087",
"T047324",
"T045089",
"T045881",
"T047325",
"T047344",
"T047323",
"T040816",
"T049170",
"T039981",
"T039664",
"T002207",
"T045879",
"T044107",
"T045790",
"T045791",
"T048942",
"T048301"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-0665"
},
{
"cve": "CVE-2025-0725",
"product_status": {
"known_affected": [
"T028363",
"T031553",
"T034583",
"T039776",
"T047326",
"T044339",
"T045086",
"T049169",
"T047343",
"398363",
"T045088",
"T045087",
"T047324",
"T045089",
"T045881",
"T047325",
"T047344",
"T047323",
"T040816",
"T049170",
"T040815",
"T039981",
"T039664",
"T002207",
"T045879",
"T044107",
"T045790",
"T045791",
"T048942",
"T048301"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-0725"
}
]
}
WID-SEC-W-2025-1551
Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-07-15 22:00Summary
Oracle Commerce: Schwachstelle gefährdet Vertraulichkeit, Integrität und Verfügbarkeit
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Commerce ist eine elektronische Handelsplattform.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Oracle Commerce ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Commerce 11.4.0
Oracle / Commerce
|
cpe:/a:oracle:commerce:11.4.0
|
11.4.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Commerce ist eine elektronische Handelsplattform.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Oracle Commerce ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1551 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1551.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1551 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1551"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle Commerce vom 2025-07-15",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixOCOM"
}
],
"source_lang": "en-US",
"title": "Oracle Commerce: Schwachstelle gef\u00e4hrdet Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit",
"tracking": {
"current_release_date": "2025-07-15T22:00:00.000+00:00",
"generator": {
"date": "2025-07-16T08:21:55.980+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1551",
"initial_release_date": "2025-07-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "11.4.0",
"product": {
"name": "Oracle Commerce 11.4.0",
"product_id": "T038369",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:commerce:11.4.0"
}
}
}
],
"category": "product_name",
"name": "Commerce"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0725",
"product_status": {
"known_affected": [
"T038369"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-0725"
}
]
}
WID-SEC-W-2025-1564
Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-07-15 22:00Summary
Oracle Siebel CRM: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Siebel CRM ist eine CRM-Lösung von Oracle.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.5
Oracle / Siebel CRM
|
<=25.5 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.5
Oracle / Siebel CRM
|
<=25.5 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.5
Oracle / Siebel CRM
|
<=25.5 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.5
Oracle / Siebel CRM
|
<=25.5 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.5
Oracle / Siebel CRM
|
<=25.5 |
Affected products
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.5
Oracle / Siebel CRM
|
<=25.5 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Siebel CRM ist eine CRM-L\u00f6sung von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1564 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1564.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1564 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1564"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle Siebel CRM vom 2025-07-15",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixSECR"
}
],
"source_lang": "en-US",
"title": "Oracle Siebel CRM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-15T22:00:00.000+00:00",
"generator": {
"date": "2025-07-16T08:31:56.607+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1564",
"initial_release_date": "2025-07-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=25.5",
"product": {
"name": "Oracle Siebel CRM \u003c=25.5",
"product_id": "T045397"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.5",
"product": {
"name": "Oracle Siebel CRM \u003c=25.5",
"product_id": "T045397-fixed"
}
}
],
"category": "product_name",
"name": "Siebel CRM"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33813",
"product_status": {
"last_affected": [
"T045397"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2021-33813"
},
{
"cve": "CVE-2024-27309",
"product_status": {
"last_affected": [
"T045397"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-27309"
},
{
"cve": "CVE-2024-9143",
"product_status": {
"last_affected": [
"T045397"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2025-0725",
"product_status": {
"last_affected": [
"T045397"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-0725"
},
{
"cve": "CVE-2025-24813",
"product_status": {
"last_affected": [
"T045397"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-24813"
},
{
"cve": "CVE-2025-30758",
"product_status": {
"last_affected": [
"T045397"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30758"
}
]
}
WID-SEC-W-2025-1567
Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-12-01 23:00Summary
Oracle MySQL: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: MySQL ist ein Open Source Datenbankserver von Oracle.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <=8.4.5
Oracle / MySQL
|
<=8.4.5 | ||
|
Oracle MySQL <=8.0.41
Oracle / MySQL
|
<=8.0.41 | ||
|
Oracle MySQL <=8.0.42
Oracle / MySQL
|
<=8.0.42 | ||
|
Oracle MySQL <=8.0.25
Oracle / MySQL
|
<=8.0.25 | ||
|
Oracle MySQL <=9.2.0
Oracle / MySQL
|
<=9.2.0 | ||
|
Oracle MySQL <=7.6.34
Oracle / MySQL
|
<=7.6.34 | ||
|
Oracle MySQL <=9.3.0
Oracle / MySQL
|
<=9.3.0 | ||
|
Oracle MySQL <=9.1.0
Oracle / MySQL
|
<=9.1.0 | ||
|
Oracle MySQL <=8.4.4
Oracle / MySQL
|
<=8.4.4 |
References
17 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "MySQL ist ein Open Source Datenbankserver von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1567 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1567.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1567 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1567"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle MySQL vom 2025-07-15",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixMSQL"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7691-1 vom 2025-08-13",
"url": "https://ubuntu.com/security/notices/USN-7691-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15699 vom 2025-09-11",
"url": "https://access.redhat.com/errata/RHSA-2025:15699"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-15699 vom 2025-09-13",
"url": "http://linux.oracle.com/errata/ELSA-2025-15699.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16046 vom 2025-09-17",
"url": "https://access.redhat.com/errata/RHSA-2025:16046"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16086 vom 2025-09-17",
"url": "https://access.redhat.com/errata/RHSA-2025:16086"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-16046 vom 2025-09-18",
"url": "https://linux.oracle.com/errata/ELSA-2025-16046.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-16086 vom 2025-09-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-16086.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16861 vom 2025-09-29",
"url": "https://access.redhat.com/errata/RHSA-2025:16861"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-16861 vom 2025-09-30",
"url": "https://linux.oracle.com/errata/ELSA-2025-16861.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7691-2 vom 2025-10-06",
"url": "https://ubuntu.com/security/notices/USN-7691-2"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:16086 vom 2025-10-10",
"url": "https://errata.build.resf.org/RLSA-2025:16086"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-018 vom 2025-11-18",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/11/Xerox-Security-Bulletin-XRX25-018-Xerox-FreeFlow-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:16046 vom 2025-12-02",
"url": "https://errata.build.resf.org/RLSA-2025:16046"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:16861 vom 2025-12-02",
"url": "https://errata.build.resf.org/RLSA-2025:16861"
}
],
"source_lang": "en-US",
"title": "Oracle MySQL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-12-01T23:00:00.000+00:00",
"generator": {
"date": "2025-12-02T12:07:12.902+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-1567",
"initial_release_date": "2025-07-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-21495, EUVD-2025-21498, EUVD-2025-21496, EUVD-2025-21494"
},
{
"date": "2025-08-13T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-11T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-14T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-17T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-23T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-09-28T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-09T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-11-17T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2025-12-01T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
}
],
"status": "final",
"version": "14"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=8.0.25",
"product": {
"name": "Oracle MySQL \u003c=8.0.25",
"product_id": "858557"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.25",
"product": {
"name": "Oracle MySQL \u003c=8.0.25",
"product_id": "858557-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.1.0",
"product": {
"name": "Oracle MySQL \u003c=9.1.0",
"product_id": "T040478"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.1.0",
"product": {
"name": "Oracle MySQL \u003c=9.1.0",
"product_id": "T040478-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.41",
"product": {
"name": "Oracle MySQL \u003c=8.0.41",
"product_id": "T042823"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.41",
"product": {
"name": "Oracle MySQL \u003c=8.0.41",
"product_id": "T042823-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.2.0",
"product": {
"name": "Oracle MySQL \u003c=9.2.0",
"product_id": "T042824"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.2.0",
"product": {
"name": "Oracle MySQL \u003c=9.2.0",
"product_id": "T042824-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.4.4",
"product": {
"name": "Oracle MySQL \u003c=8.4.4",
"product_id": "T042826"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.4.4",
"product": {
"name": "Oracle MySQL \u003c=8.4.4",
"product_id": "T042826-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.42",
"product": {
"name": "Oracle MySQL \u003c=8.0.42",
"product_id": "T045391"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.42",
"product": {
"name": "Oracle MySQL \u003c=8.0.42",
"product_id": "T045391-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.4.5",
"product": {
"name": "Oracle MySQL \u003c=8.4.5",
"product_id": "T045392"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.4.5",
"product": {
"name": "Oracle MySQL \u003c=8.4.5",
"product_id": "T045392-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.3.0",
"product": {
"name": "Oracle MySQL \u003c=9.3.0",
"product_id": "T045393"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.3.0",
"product": {
"name": "Oracle MySQL \u003c=9.3.0",
"product_id": "T045393-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.6.34",
"product": {
"name": "Oracle MySQL \u003c=7.6.34",
"product_id": "T045394"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.6.34",
"product": {
"name": "Oracle MySQL \u003c=7.6.34",
"product_id": "T045394-fixed"
}
}
],
"category": "product_name",
"name": "MySQL"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v7",
"product": {
"name": "Xerox FreeFlow Print Server v7",
"product_id": "T035098",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v7"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-37891",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-9287",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-9287"
},
{
"cve": "CVE-2025-0725",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-0725"
},
{
"cve": "CVE-2025-32415",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-50068",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50068"
},
{
"cve": "CVE-2025-50076",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50076"
},
{
"cve": "CVE-2025-50077",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50077"
},
{
"cve": "CVE-2025-50078",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50078"
},
{
"cve": "CVE-2025-50079",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50079"
},
{
"cve": "CVE-2025-50080",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50080"
},
{
"cve": "CVE-2025-50081",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50081"
},
{
"cve": "CVE-2025-50082",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50082"
},
{
"cve": "CVE-2025-50083",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50083"
},
{
"cve": "CVE-2025-50084",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50084"
},
{
"cve": "CVE-2025-50085",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50085"
},
{
"cve": "CVE-2025-50086",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50086"
},
{
"cve": "CVE-2025-50087",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50087"
},
{
"cve": "CVE-2025-50088",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50088"
},
{
"cve": "CVE-2025-50089",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50089"
},
{
"cve": "CVE-2025-50091",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50091"
},
{
"cve": "CVE-2025-50092",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50092"
},
{
"cve": "CVE-2025-50093",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50093"
},
{
"cve": "CVE-2025-50094",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50094"
},
{
"cve": "CVE-2025-50095",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50095"
},
{
"cve": "CVE-2025-50096",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50096"
},
{
"cve": "CVE-2025-50097",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50097"
},
{
"cve": "CVE-2025-50098",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50098"
},
{
"cve": "CVE-2025-50099",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50099"
},
{
"cve": "CVE-2025-50100",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50100"
},
{
"cve": "CVE-2025-50101",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50101"
},
{
"cve": "CVE-2025-50102",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50102"
},
{
"cve": "CVE-2025-50103",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50103"
},
{
"cve": "CVE-2025-50104",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50104"
},
{
"cve": "CVE-2025-53023",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-53023"
},
{
"cve": "CVE-2025-53032",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-53032"
},
{
"cve": "CVE-2025-5399",
"product_status": {
"known_affected": [
"67646",
"T000126",
"T035098",
"T004914",
"T032255"
],
"last_affected": [
"T045392",
"T042823",
"T045391",
"858557",
"T042824",
"T045394",
"T045393",
"T040478",
"T042826"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-5399"
}
]
}
WID-SEC-W-2025-1572
Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-07-15 22:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1572 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1572.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1572 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1572"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle Fusion Middleware vom 2025-07-15",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixFMW"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-15T22:00:00.000+00:00",
"generator": {
"date": "2025-07-16T08:31:59.092+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1572",
"initial_release_date": "2025-07-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.7",
"product": {
"name": "Oracle Fusion Middleware 8.5.7",
"product_id": "T034057",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
}
}
},
{
"category": "product_version",
"name": "14.1.2.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.2.0.0",
"product_id": "T040467",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.2.0.0"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-45693",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2023-42917",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2023-42917"
},
{
"cve": "CVE-2024-12801",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-12801"
},
{
"cve": "CVE-2024-26308",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-38477",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-38477"
},
{
"cve": "CVE-2024-38819",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38828",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-38828"
},
{
"cve": "CVE-2024-47072",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-52046",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-52046"
},
{
"cve": "CVE-2024-57699",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2024-6763",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-6763"
},
{
"cve": "CVE-2024-8176",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2024-8184",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-8184"
},
{
"cve": "CVE-2024-9143",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2025-0725",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-0725"
},
{
"cve": "CVE-2025-24928",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-24928"
},
{
"cve": "CVE-2025-27553",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-27553"
},
{
"cve": "CVE-2025-27817",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-29482",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-29482"
},
{
"cve": "CVE-2025-30753",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30753"
},
{
"cve": "CVE-2025-30762",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30762"
},
{
"cve": "CVE-2025-31651",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-31651"
},
{
"cve": "CVE-2025-31672",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-31672"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-49146",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-49146"
},
{
"cve": "CVE-2025-50064",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50064"
},
{
"cve": "CVE-2025-50072",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50072"
},
{
"cve": "CVE-2025-50073",
"product_status": {
"known_affected": [
"T040467",
"751674",
"T034057",
"829576"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50073"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…