Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-12875 (GCVE-0-2025-12875)
Vulnerability from cvelistv5 – Published: 2025-11-07 20:32 – Updated: 2026-02-24 06:25 X_Open Source
VLAI
EPSS
Title
mruby array.c ary_fill_exec out-of-bounds write
Summary
A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.331511 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.331511 | signaturepermissions-required |
| https://vuldb.com/?submit.680879 | third-party-advisory |
| https://github.com/mruby/mruby/issues/6650 | issue-tracking |
| https://github.com/mruby/mruby/issues/6650#event-… | issue-tracking |
| https://github.com/mruby/mruby/issues/6650#issuec… | exploitissue-tracking |
| https://github.com/makesoftwaresafe/mruby/commit/… | patch |
| https://github.com/mruby/mruby/ | product |
Impacted products
Credits
tjbecker (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12875",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T14:13:49.237460Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T14:14:24.271Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/mruby/mruby/issues/6650"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*"
],
"product": "mruby",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.4.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "tjbecker (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T06:25:01.873Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-331511 | mruby array.c ary_fill_exec out-of-bounds write",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.331511"
},
{
"name": "VDB-331511 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.331511"
},
{
"name": "Submit #680879 | mruby 3.4.0 Out-of-bounds Write",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.680879"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/mruby/mruby/issues/6650"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/mruby/mruby/issues/6650#event-20443453808"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605"
},
{
"tags": [
"patch"
],
"url": "https://github.com/makesoftwaresafe/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94"
},
{
"tags": [
"product"
],
"url": "https://github.com/mruby/mruby/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2025-11-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-11-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-02T17:31:54.000Z",
"value": "VulDB entry last update"
}
],
"title": "mruby array.c ary_fill_exec out-of-bounds write"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-12875",
"datePublished": "2025-11-07T20:32:07.100Z",
"dateReserved": "2025-11-07T15:09:38.806Z",
"dateUpdated": "2026-02-24T06:25:01.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-12875",
"date": "2026-06-07",
"epss": "0.0002",
"percentile": "0.05577"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-12875\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2025-11-07T21:15:40.557\",\"lastModified\":\"2026-04-29T01:00:01.613\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":1.9,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":4.3,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.1,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mruby:mruby:3.4.0:*:*:*:*:ruby:*:*\",\"matchCriteriaId\":\"65ECFCF1-24DD-4CC7-81CD-50D15E75C9F2\"}]}]}],\"references\":[{\"url\":\"https://github.com/makesoftwaresafe/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mruby/mruby/\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/mruby/mruby/issues/6650\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/mruby/mruby/issues/6650#event-20443453808\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://vuldb.com/?ctiid.331511\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?id.331511\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?submit.680879\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/mruby/mruby/issues/6650\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-12875\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-13T14:13:49.237460Z\"}}}], \"references\": [{\"url\": \"https://github.com/mruby/mruby/issues/6650\", \"tags\": [\"exploit\"]}, {\"url\": \"https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-13T14:13:38.353Z\"}}], \"cna\": {\"tags\": [\"x_open-source\"], \"title\": \"mruby array.c ary_fill_exec out-of-bounds write\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"tjbecker (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 4.3, \"vectorString\": \"AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*\"], \"vendor\": \"n/a\", \"product\": \"mruby\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.4.0\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-11-07T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2025-11-07T01:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2025-12-02T17:31:54.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.331511\", \"name\": \"VDB-331511 | mruby array.c ary_fill_exec out-of-bounds write\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.331511\", \"name\": \"VDB-331511 | CTI Indicators (IOB, IOC, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.680879\", \"name\": \"Submit #680879 | mruby 3.4.0 Out-of-bounds Write\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/mruby/mruby/issues/6650\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://github.com/mruby/mruby/issues/6650#event-20443453808\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605\", \"tags\": [\"exploit\", \"issue-tracking\"]}, {\"url\": \"https://github.com/makesoftwaresafe/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/mruby/mruby/\", \"tags\": [\"product\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"Out-of-bounds Write\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"Memory Corruption\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2026-02-24T06:25:01.873Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-12875\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-24T06:25:01.873Z\", \"dateReserved\": \"2025-11-07T15:09:38.806Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2025-11-07T20:32:07.100Z\", \"assignerShortName\": \"VulDB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0606
Vulnerability from certfr_avis - Published: 2026-05-15 - Updated: 2026-05-15
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x sans le correctif de sécurité Fix Pack 7 | ||
| IBM | N/A | Robotic Process Automation for Cloud Pak versions 30.0.x antérieures à 30.0.2 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.1.x antérieures à 12.1.2 | ||
| IBM | N/A | Robotic Process Automation for Cloud Pak versions 23.0.x antérieures à 23.0.20.6 | ||
| IBM | AIX | Open SDK for Rust on AIX versions 1.90.0.0 et 1.92.0.0 sans le correctif de sécurité Fix Pack 1 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x sans le correctif de sécurité Fix Pack 2 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 11.2.x sans le correctif de s\u00e9curit\u00e9 Fix Pack 7",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Robotic Process Automation for Cloud Pak versions 30.0.x ant\u00e9rieures \u00e0 30.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.1.x ant\u00e9rieures \u00e0 12.1.2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Robotic Process Automation for Cloud Pak versions 23.0.x ant\u00e9rieures \u00e0 23.0.20.6",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Open SDK for Rust on AIX versions 1.90.0.0 et 1.92.0.0 sans le correctif de s\u00e9curit\u00e9 Fix Pack 1",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.0.x sans le correctif de s\u00e9curit\u00e9 Fix Pack 2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
},
{
"name": "CVE-2025-30167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30167"
},
{
"name": "CVE-2025-56200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-56200"
},
{
"name": "CVE-2025-7207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7207"
},
{
"name": "CVE-2024-6866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6866"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2025-54798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54798"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3633"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-12875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12875"
},
{
"name": "CVE-2024-6844",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6844"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-68146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2025-12635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12635"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2024-56339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56339"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-14914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14914"
},
{
"name": "CVE-2025-2900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
},
{
"name": "CVE-2024-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6839"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-36126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36126"
}
],
"initial_release_date": "2026-05-15T00:00:00",
"last_revision_date": "2026-05-15T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0606",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7272628",
"url": "https://www.ibm.com/support/pages/node/7272628"
},
{
"published_at": "2026-05-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7272965",
"url": "https://www.ibm.com/support/pages/node/7272965"
},
{
"published_at": "2026-05-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7272446",
"url": "https://www.ibm.com/support/pages/node/7272446"
}
]
}
FKIE_CVE-2025-12875
Vulnerability from fkie_nvd - Published: 2025-11-07 21:15 - Updated: 2026-04-29 01:00
Severity
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://github.com/makesoftwaresafe/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94 | Patch | |
| cna@vuldb.com | https://github.com/mruby/mruby/ | ||
| cna@vuldb.com | https://github.com/mruby/mruby/issues/6650 | Issue Tracking | |
| cna@vuldb.com | https://github.com/mruby/mruby/issues/6650#event-20443453808 | Issue Tracking | |
| cna@vuldb.com | https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605 | Patch | |
| cna@vuldb.com | https://vuldb.com/?ctiid.331511 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.331511 | Third Party Advisory, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?submit.680879 | Third Party Advisory, VDB Entry | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/mruby/mruby/issues/6650 | Issue Tracking | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605 | Patch |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mruby:mruby:3.4.0:*:*:*:*:ruby:*:*",
"matchCriteriaId": "65ECFCF1-24DD-4CC7-81CD-50D15E75C9F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue."
}
],
"id": "CVE-2025-12875",
"lastModified": "2026-04-29T01:00:01.613",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.9,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "PROOF_OF_CONCEPT",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
},
"published": "2025-11-07T21:15:40.557",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Patch"
],
"url": "https://github.com/makesoftwaresafe/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94"
},
{
"source": "cna@vuldb.com",
"url": "https://github.com/mruby/mruby/"
},
{
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/mruby/mruby/issues/6650"
},
{
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/mruby/mruby/issues/6650#event-20443453808"
},
{
"source": "cna@vuldb.com",
"tags": [
"Patch"
],
"url": "https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.331511"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.331511"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?submit.680879"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/mruby/mruby/issues/6650"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Patch"
],
"url": "https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-Q269-XQWW-45MM
Vulnerability from github – Published: 2025-11-07 21:31 – Updated: 2026-02-24 09:31
VLAI
Details
A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue.
Severity
{
"affected": [],
"aliases": [
"CVE-2025-12875"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-07T21:15:40Z",
"severity": "MODERATE"
},
"details": "A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue.",
"id": "GHSA-q269-xqww-45mm",
"modified": "2026-02-24T09:31:15Z",
"published": "2025-11-07T21:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12875"
},
{
"type": "WEB",
"url": "https://github.com/mruby/mruby/issues/6650"
},
{
"type": "WEB",
"url": "https://github.com/mruby/mruby/issues/6650#event-20443453808"
},
{
"type": "WEB",
"url": "https://github.com/mruby/mruby/issues/6650#issuecomment-3430851605"
},
{
"type": "WEB",
"url": "https://github.com/makesoftwaresafe/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94"
},
{
"type": "WEB",
"url": "https://github.com/mruby/mruby"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.331511"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.331511"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.680879"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
MSRC_CVE-2025-12875
Vulnerability from csaf_microsoft - Published: 2025-11-02 00:00 - Updated: 2025-11-25 01:40Summary
mruby array.c ary_fill_exec out-of-bounds write
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
CWE-787
- Out-of-bounds Write
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-4 | — |
None Available
|
|
| Unresolved product id: 17086-5 | — |
None Available
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17086-3 | — | ||
| Unresolved product id: 17084-2 | — | ||
| Unresolved product id: 17084-1 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2025/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2025/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-12875 mruby array.c ary_fill_exec out-of-bounds write - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-12875.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "mruby array.c ary_fill_exec out-of-bounds write",
"tracking": {
"current_release_date": "2025-11-25T01:40:24.000Z",
"generator": {
"date": "2026-01-03T09:42:28.021Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-12875",
"initial_release_date": "2025-11-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-11-11T01:01:46.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-11-25T01:40:24.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 nghttp2 1.61.0-2",
"product": {
"name": "azl3 nghttp2 1.61.0-2",
"product_id": "4"
}
},
{
"category": "product_version_range",
"name": "cbl2 nghttp2 1.57.0-2",
"product": {
"name": "cbl2 nghttp2 1.57.0-2",
"product_id": "5"
}
}
],
"category": "product_name",
"name": "nghttp2"
},
{
"category": "product_name",
"name": "cbl2 rust 1.72.0-11",
"product": {
"name": "cbl2 rust 1.72.0-11",
"product_id": "3"
}
},
{
"category": "product_name",
"name": "azl3 rust 1.75.0-21",
"product": {
"name": "azl3 rust 1.75.0-21",
"product_id": "2"
}
},
{
"category": "product_name",
"name": "azl3 rust 1.86.0-9",
"product": {
"name": "azl3 rust 1.86.0-9",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nghttp2 1.61.0-2 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 rust 1.72.0-11 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 1.75.0-21 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rust 1.86.0-9 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nghttp2 1.57.0-2 as a component of CBL Mariner 2.0",
"product_id": "17086-5"
},
"product_reference": "5",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12875",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"flags": [
{
"label": "vulnerable_code_not_in_execute_path",
"product_ids": [
"17086-3",
"17084-2",
"17084-1"
]
}
],
"notes": [
{
"category": "general",
"text": "VulDB",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17084-4",
"17086-5"
],
"known_not_affected": [
"17086-3",
"17084-2",
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-12875 mruby array.c ary_fill_exec out-of-bounds write - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-12875.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2025-11-11T01:01:46.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-4"
]
},
{
"category": "none_available",
"date": "2025-11-11T01:01:46.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-5"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 4.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"17084-4",
"17086-5"
]
}
],
"title": "mruby array.c ary_fill_exec out-of-bounds write"
}
]
}
WID-SEC-W-2025-2563
Vulnerability from csaf_certbund - Published: 2025-11-11 23:00 - Updated: 2025-12-14 23:00Summary
Microsoft Azure Linux: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Microsoft Azure Linux ist eine von Microsoft entwickelte Linux-Distribution, die für die Ausführung von Workloads in der Azure-Cloud optimiert ist.
Windows ist ein Betriebssystem von Microsoft.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Microsoft Azure Linux und Microsoft Windows ausnutzen um erhöhte Privilegien zu erlangen, beliebigen Code auszuführen, die Authentifizierung zu umgehen, Spoofing-Angriffe durchzuführen, einen Denial-of-Service-Zustand zu verursachen oder andere, nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Windows
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
References
8 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Microsoft Azure Linux ist eine von Microsoft entwickelte Linux-Distribution, die f\u00fcr die Ausf\u00fchrung von Workloads in der Azure-Cloud optimiert ist.\r\nWindows ist ein Betriebssystem von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Azure Linux und Microsoft Windows ausnutzen um erh\u00f6hte Privilegien zu erlangen, beliebigen Code auszuf\u00fchren, die Authentifizierung zu umgehen, Spoofing-Angriffe durchzuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen oder andere, nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2563 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2563.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2563 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2563"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4288-1 vom 2025-11-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2I3DAC5P7RIJP4M7YPNYJVIE4ZG7RSHV/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-2F6CA95A74 vom 2025-12-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-2f6ca95a74"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-7C468696D2 vom 2025-12-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-7c468696d2"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-D39F46567C vom 2025-12-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-d39f46567c"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-2CA3289343 vom 2025-12-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-2ca3289343"
}
],
"source_lang": "en-US",
"title": "Microsoft Azure Linux: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-12-14T23:00:00.000+00:00",
"generator": {
"date": "2025-12-15T10:15:06.656+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2563",
"initial_release_date": "2025-11-11T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-11-11T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-14T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "azl3 nghttp2 1.61.0-2 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0",
"product_id": "T048506",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 libarchive 3.7.7-3 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0",
"product_id": "T048507",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 kernel 6.6.104.2-4 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0",
"product_id": "T048508",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 curl 8.11.1-4 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0",
"product_id": "T048509",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 cmake 3.30.3-10 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0",
"product_id": "T048510",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 mysql 8.0.44-2 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0",
"product_id": "T048512",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 libxml2 2.11.5-7 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0",
"product_id": "T048513",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 rust 1.75.0-21 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0",
"product_id": "T048514",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 containerd2 2.0.0-14 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0",
"product_id": "T048515",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 rust 1.86.0-9 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0",
"product_id": "T048516",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 kubevirt 1.5.0-5 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0",
"product_id": "T048517",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 runc 1.3.3-1 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0",
"product_id": "T048518",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0"
}
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "Subsystem for Linux GUI",
"product": {
"name": "Microsoft Windows Subsystem for Linux GUI",
"product_id": "T048511",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows:subsystem_for_linux_gui"
}
}
}
],
"category": "product_name",
"name": "Windows"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2025-10966",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-10966"
},
{
"cve": "CVE-2025-12863",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-12863"
},
{
"cve": "CVE-2025-12875",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-12875"
},
{
"cve": "CVE-2025-31133",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-40107",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-40107"
},
{
"cve": "CVE-2025-40109",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-40109"
},
{
"cve": "CVE-2025-52565",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-52881"
},
{
"cve": "CVE-2025-60753",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-60753"
},
{
"cve": "CVE-2025-62220",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-62220"
},
{
"cve": "CVE-2025-64329",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64329"
},
{
"cve": "CVE-2025-64432",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64432"
},
{
"cve": "CVE-2025-64433",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64433"
},
{
"cve": "CVE-2025-64434",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64434"
},
{
"cve": "CVE-2025-64435",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64435"
},
{
"cve": "CVE-2025-64436",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64436"
},
{
"cve": "CVE-2025-64437",
"product_status": {
"known_affected": [
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64437"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…