Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-22872 (GCVE-0-2025-22872)
Vulnerability from cvelistv5 – Published: 2025-04-16 17:13 – Updated: 2025-05-16 23:03
VLAI
EPSS
Title
Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
Summary
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. <math>, <svg>, etc contexts).
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.38.0
(semver)
|
Credits
Sean Ng (https://ensy.zip)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-22872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T20:14:29.607584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T20:15:13.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-05-16T23:03:07.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250516-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "Tokenizer.readStartTag"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
},
{
"name": "Tokenizer.Next"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.38.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sean Ng (https://ensy.zip)"
}
],
"descriptions": [
{
"lang": "en",
"value": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:13:02.550Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/662715"
},
{
"url": "https://go.dev/issue/73070"
},
{
"url": "https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3595"
}
],
"title": "Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-22872",
"datePublished": "2025-04-16T17:13:02.550Z",
"dateReserved": "2025-01-08T19:11:42.834Z",
"dateUpdated": "2025-05-16T23:03:07.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-22872",
"date": "2026-06-05",
"epss": "0.00017",
"percentile": "0.04449"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-22872\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-04-16T18:16:04.183\",\"lastModified\":\"2025-05-16T23:15:19.707\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).\"},{\"lang\":\"es\",\"value\":\"El tokenizador interpreta incorrectamente las etiquetas con valores de atributo sin comillas que terminan en barra (/) como autocerradas. Al usar el tokenizador directamente, esto puede provocar que dichas etiquetas se marquen incorrectamente como autocerradas, y al usar las funciones de an\u00e1lisis, esto puede provocar que el contenido posterior a dichas etiquetas se coloque en el \u00e1mbito incorrecto durante la construcci\u00f3n del DOM, pero solo cuando las etiquetas se encuentran en contenido externo (por ejemplo, contextos , , etc.).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.7}]},\"references\":[{\"url\":\"https://go.dev/cl/662715\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/73070\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-3595\",\"source\":\"security@golang.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20250516-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20250516-0007/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-05-16T23:03:07.693Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-22872\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T20:14:29.607584Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T20:14:58.303Z\"}}], \"cna\": {\"title\": \"Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net\", \"credits\": [{\"lang\": \"en\", \"value\": \"Sean Ng (https://ensy.zip)\"}], \"affected\": [{\"vendor\": \"golang.org/x/net\", \"product\": \"golang.org/x/net/html\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.38.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/net/html\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Tokenizer.readStartTag\"}, {\"name\": \"Parse\"}, {\"name\": \"ParseFragment\"}, {\"name\": \"ParseFragmentWithOptions\"}, {\"name\": \"ParseWithOptions\"}, {\"name\": \"Tokenizer.Next\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/662715\"}, {\"url\": \"https://go.dev/issue/73070\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-3595\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-79\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-04-16T17:13:02.550Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-22872\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-16T23:03:07.693Z\", \"dateReserved\": \"2025-01-08T19:11:42.834Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-04-16T17:13:02.550Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
OPENSUSE-SU-2025:15207-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
alloy-1.9.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: alloy-1.9.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the alloy-1.9.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15207
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "alloy-1.9.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the alloy-1.9.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15207",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15207-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-46327 page",
"url": "https://www.suse.com/security/cve/CVE-2025-46327/"
}
],
"title": "alloy-1.9.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15207-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.9.1-1.1.aarch64",
"product": {
"name": "alloy-1.9.1-1.1.aarch64",
"product_id": "alloy-1.9.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.9.1-1.1.ppc64le",
"product": {
"name": "alloy-1.9.1-1.1.ppc64le",
"product_id": "alloy-1.9.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.9.1-1.1.s390x",
"product": {
"name": "alloy-1.9.1-1.1.s390x",
"product_id": "alloy-1.9.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.9.1-1.1.x86_64",
"product": {
"name": "alloy-1.9.1-1.1.x86_64",
"product_id": "alloy-1.9.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.9.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64"
},
"product_reference": "alloy-1.9.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.9.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le"
},
"product_reference": "alloy-1.9.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.9.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x"
},
"product_reference": "alloy-1.9.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.9.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
},
"product_reference": "alloy-1.9.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-46327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-46327"
}
],
"notes": [
{
"category": "general",
"text": "gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 1.13.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-46327",
"url": "https://www.suse.com/security/cve/CVE-2025-46327"
},
{
"category": "external",
"summary": "SUSE Bug 1242017 for CVE-2025-46327",
"url": "https://bugzilla.suse.com/1242017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.9.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.9.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-46327"
}
]
}
OPENSUSE-SU-2025:15228-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
helm-3.18.3-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: helm-3.18.3-1.1 on GA media
Description of the patch: These are all security issues fixed in the helm-3.18.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15228
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-3.18.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "helm-3.18.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the helm-3.18.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15228",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15228-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "helm-3.18.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15228-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-1.1.aarch64",
"product": {
"name": "helm-3.18.3-1.1.aarch64",
"product_id": "helm-3.18.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-1.1.aarch64",
"product": {
"name": "helm-bash-completion-3.18.3-1.1.aarch64",
"product_id": "helm-bash-completion-3.18.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-1.1.aarch64",
"product": {
"name": "helm-fish-completion-3.18.3-1.1.aarch64",
"product_id": "helm-fish-completion-3.18.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-1.1.aarch64",
"product": {
"name": "helm-zsh-completion-3.18.3-1.1.aarch64",
"product_id": "helm-zsh-completion-3.18.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-1.1.ppc64le",
"product": {
"name": "helm-3.18.3-1.1.ppc64le",
"product_id": "helm-3.18.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-1.1.ppc64le",
"product": {
"name": "helm-bash-completion-3.18.3-1.1.ppc64le",
"product_id": "helm-bash-completion-3.18.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-1.1.ppc64le",
"product": {
"name": "helm-fish-completion-3.18.3-1.1.ppc64le",
"product_id": "helm-fish-completion-3.18.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-1.1.ppc64le",
"product": {
"name": "helm-zsh-completion-3.18.3-1.1.ppc64le",
"product_id": "helm-zsh-completion-3.18.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-1.1.s390x",
"product": {
"name": "helm-3.18.3-1.1.s390x",
"product_id": "helm-3.18.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-1.1.s390x",
"product": {
"name": "helm-bash-completion-3.18.3-1.1.s390x",
"product_id": "helm-bash-completion-3.18.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-1.1.s390x",
"product": {
"name": "helm-fish-completion-3.18.3-1.1.s390x",
"product_id": "helm-fish-completion-3.18.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-1.1.s390x",
"product": {
"name": "helm-zsh-completion-3.18.3-1.1.s390x",
"product_id": "helm-zsh-completion-3.18.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.18.3-1.1.x86_64",
"product": {
"name": "helm-3.18.3-1.1.x86_64",
"product_id": "helm-3.18.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.18.3-1.1.x86_64",
"product": {
"name": "helm-bash-completion-3.18.3-1.1.x86_64",
"product_id": "helm-bash-completion-3.18.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.18.3-1.1.x86_64",
"product": {
"name": "helm-fish-completion-3.18.3-1.1.x86_64",
"product_id": "helm-fish-completion-3.18.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.18.3-1.1.x86_64",
"product": {
"name": "helm-zsh-completion-3.18.3-1.1.x86_64",
"product_id": "helm-zsh-completion-3.18.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64"
},
"product_reference": "helm-3.18.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le"
},
"product_reference": "helm-3.18.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.18.3-1.1.s390x"
},
"product_reference": "helm-3.18.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.18.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64"
},
"product_reference": "helm-3.18.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64"
},
"product_reference": "helm-bash-completion-3.18.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le"
},
"product_reference": "helm-bash-completion-3.18.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x"
},
"product_reference": "helm-bash-completion-3.18.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.18.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64"
},
"product_reference": "helm-bash-completion-3.18.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64"
},
"product_reference": "helm-fish-completion-3.18.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le"
},
"product_reference": "helm-fish-completion-3.18.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x"
},
"product_reference": "helm-fish-completion-3.18.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.18.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64"
},
"product_reference": "helm-fish-completion-3.18.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64"
},
"product_reference": "helm-zsh-completion-3.18.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le"
},
"product_reference": "helm-zsh-completion-3.18.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x"
},
"product_reference": "helm-zsh-completion-3.18.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.18.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64"
},
"product_reference": "helm-zsh-completion-3.18.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.18.3-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.18.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15234-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
kubernetes1.30-apiserver-1.30.14-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kubernetes1.30-apiserver-1.30.14-1.1 on GA media
Description of the patch: These are all security issues fixed in the kubernetes1.30-apiserver-1.30.14-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15234
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubernetes1.30-apiserver-1.30.14-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubernetes1.30-apiserver-1.30.14-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15234",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15234-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "kubernetes1.30-apiserver-1.30.14-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15234-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-client-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-client-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-client-common-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-proxy-1.30.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"product": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"product_id": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-client-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-client-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"product": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"product_id": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-apiserver-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-client-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-client-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-common-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-client-common-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-kubelet-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-proxy-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-proxy-1.30.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"product": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"product_id": "kubernetes1.30-scheduler-1.30.14-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-client-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-client-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-client-common-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-proxy-1.30.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64",
"product": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64",
"product_id": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-client-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-client-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-client-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-client-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-client-common-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-common-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-proxy-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-proxy-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64"
},
"product_reference": "kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le"
},
"product_reference": "kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x"
},
"product_reference": "kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
},
"product_reference": "kubernetes1.30-scheduler-1.30.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-apiserver-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-bash-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-client-fish-completion-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-controller-manager-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubeadm-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-kubelet-common-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-proxy-1.30.14-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.30-scheduler-1.30.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15235-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
kubernetes1.31-apiserver-1.31.10-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kubernetes1.31-apiserver-1.31.10-1.1 on GA media
Description of the patch: These are all security issues fixed in the kubernetes1.31-apiserver-1.31.10-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15235
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubernetes1.31-apiserver-1.31.10-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubernetes1.31-apiserver-1.31.10-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15235",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15235-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "kubernetes1.31-apiserver-1.31.10-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15235-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-client-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-client-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-client-common-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-proxy-1.31.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"product": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"product_id": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-client-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"product": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"product_id": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-apiserver-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-client-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-client-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-client-common-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-kubelet-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-proxy-1.31.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"product": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"product_id": "kubernetes1.31-scheduler-1.31.10-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-client-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-client-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-client-common-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-proxy-1.31.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64",
"product": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64",
"product_id": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-client-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-client-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-client-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-client-common-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-common-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-proxy-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-proxy-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64"
},
"product_reference": "kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le"
},
"product_reference": "kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x"
},
"product_reference": "kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
},
"product_reference": "kubernetes1.31-scheduler-1.31.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-apiserver-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-bash-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-client-fish-completion-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-controller-manager-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubeadm-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-kubelet-common-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-proxy-1.31.10-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.31-scheduler-1.31.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15236-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
kubernetes1.32-apiserver-1.32.6-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kubernetes1.32-apiserver-1.32.6-1.1 on GA media
Description of the patch: These are all security issues fixed in the kubernetes1.32-apiserver-1.32.6-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15236
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubernetes1.32-apiserver-1.32.6-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubernetes1.32-apiserver-1.32.6-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15236",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15236-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "kubernetes1.32-apiserver-1.32.6-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15236-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-client-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-client-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-client-common-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-proxy-1.32.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"product": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"product_id": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-client-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-client-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"product": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"product_id": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-apiserver-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-client-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-client-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-common-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-client-common-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-kubelet-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-proxy-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-proxy-1.32.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"product": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"product_id": "kubernetes1.32-scheduler-1.32.6-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-client-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-client-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-client-common-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-proxy-1.32.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64",
"product": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64",
"product_id": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-client-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-client-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-client-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-client-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-client-common-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-common-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-proxy-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-proxy-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64"
},
"product_reference": "kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le"
},
"product_reference": "kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x"
},
"product_reference": "kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
},
"product_reference": "kubernetes1.32-scheduler-1.32.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-apiserver-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-bash-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-client-fish-completion-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-controller-manager-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubeadm-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-kubelet-common-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-proxy-1.32.6-1.1.x86_64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.aarch64",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.ppc64le",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.s390x",
"openSUSE Tumbleweed:kubernetes1.32-scheduler-1.32.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15304-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
traefik-3.4.3-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: traefik-3.4.3-1.1 on GA media
Description of the patch: These are all security issues fixed in the traefik-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15304
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.1 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "traefik-3.4.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the traefik-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15304",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15304-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4533 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47952 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47952/"
}
],
"title": "traefik-3.4.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15304-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "traefik-3.4.3-1.1.aarch64",
"product": {
"name": "traefik-3.4.3-1.1.aarch64",
"product_id": "traefik-3.4.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-3.4.3-1.1.ppc64le",
"product": {
"name": "traefik-3.4.3-1.1.ppc64le",
"product_id": "traefik-3.4.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-3.4.3-1.1.s390x",
"product": {
"name": "traefik-3.4.3-1.1.s390x",
"product_id": "traefik-3.4.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-3.4.3-1.1.x86_64",
"product": {
"name": "traefik-3.4.3-1.1.x86_64",
"product_id": "traefik-3.4.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64"
},
"product_reference": "traefik-3.4.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le"
},
"product_reference": "traefik-3.4.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x"
},
"product_reference": "traefik-3.4.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
},
"product_reference": "traefik-3.4.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-4533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4533"
}
],
"notes": [
{
"category": "general",
"text": "The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4533",
"url": "https://www.suse.com/security/cve/CVE-2024-4533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-4533"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-22868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22868"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22868",
"url": "https://www.suse.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "SUSE Bug 1239185 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239185"
},
{
"category": "external",
"summary": "SUSE Bug 1239186 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
},
{
"cve": "CVE-2025-47952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47952"
}
],
"notes": [
{
"category": "general",
"text": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it\u0027s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.25 and 3.4.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47952",
"url": "https://www.suse.com/security/cve/CVE-2025-47952"
},
{
"category": "external",
"summary": "SUSE Bug 1243818 for CVE-2025-47952",
"url": "https://bugzilla.suse.com/1243818"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-3.4.3-1.1.aarch64",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.s390x",
"openSUSE Tumbleweed:traefik-3.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-47952"
}
]
}
OPENSUSE-SU-2025:15305-1
Vulnerability from csaf_opensuse - Published: 2025-07-03 00:00 - Updated: 2025-07-03 00:00Summary
traefik2-2.11.26-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: traefik2-2.11.26-1.1 on GA media
Description of the patch: These are all security issues fixed in the traefik2-2.11.26-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15305
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.1 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
30 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "traefik2-2.11.26-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the traefik2-2.11.26-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15305",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15305-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28180 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32431 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47952 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47952/"
}
],
"title": "traefik2-2.11.26-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15305-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.26-1.1.aarch64",
"product": {
"name": "traefik2-2.11.26-1.1.aarch64",
"product_id": "traefik2-2.11.26-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.26-1.1.ppc64le",
"product": {
"name": "traefik2-2.11.26-1.1.ppc64le",
"product_id": "traefik2-2.11.26-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.26-1.1.s390x",
"product": {
"name": "traefik2-2.11.26-1.1.s390x",
"product_id": "traefik2-2.11.26-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.26-1.1.x86_64",
"product": {
"name": "traefik2-2.11.26-1.1.x86_64",
"product_id": "traefik2-2.11.26-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.26-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64"
},
"product_reference": "traefik2-2.11.26-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.26-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le"
},
"product_reference": "traefik2-2.11.26-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.26-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x"
},
"product_reference": "traefik2-2.11.26-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.26-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
},
"product_reference": "traefik2-2.11.26-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28180"
}
],
"notes": [
{
"category": "general",
"text": "Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28180",
"url": "https://www.suse.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "SUSE Bug 1234984 for CVE-2024-28180",
"url": "https://bugzilla.suse.com/1234984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-28180"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-22868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22868"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22868",
"url": "https://www.suse.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "SUSE Bug 1239185 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239185"
},
{
"category": "external",
"summary": "SUSE Bug 1239186 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22871"
}
],
"notes": [
{
"category": "general",
"text": "The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22871",
"url": "https://www.suse.com/security/cve/CVE-2025-22871"
},
{
"category": "external",
"summary": "SUSE Bug 1240550 for CVE-2025-22871",
"url": "https://bugzilla.suse.com/1240550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22871"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
},
{
"cve": "CVE-2025-32431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32431"
}
],
"notes": [
{
"category": "general",
"text": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a /../ in its path, it\u0027s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.24, 3.3.6, and 3.4.0-rc2. A workaround involves adding a `PathRegexp` rule to the matcher to prevent matching a route with a `/../` in the path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32431",
"url": "https://www.suse.com/security/cve/CVE-2025-32431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-32431"
},
{
"cve": "CVE-2025-47952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47952"
}
],
"notes": [
{
"category": "general",
"text": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it\u0027s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.25 and 3.4.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47952",
"url": "https://www.suse.com/security/cve/CVE-2025-47952"
},
{
"category": "external",
"summary": "SUSE Bug 1243818 for CVE-2025-47952",
"url": "https://bugzilla.suse.com/1243818"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.26-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-47952"
}
]
}
OPENSUSE-SU-2025:15454-1
Vulnerability from csaf_opensuse - Published: 2025-08-15 00:00 - Updated: 2025-08-15 00:00Summary
trivy-0.65.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: trivy-0.65.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the trivy-0.65.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15454
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
19 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "trivy-0.65.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the trivy-0.65.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15454",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15454-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47291 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47291/"
}
],
"title": "trivy-0.65.0-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-15T00:00:00Z",
"generator": {
"date": "2025-08-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15454-1",
"initial_release_date": "2025-08-15T00:00:00Z",
"revision_history": [
{
"date": "2025-08-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.65.0-1.1.aarch64",
"product": {
"name": "trivy-0.65.0-1.1.aarch64",
"product_id": "trivy-0.65.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.65.0-1.1.ppc64le",
"product": {
"name": "trivy-0.65.0-1.1.ppc64le",
"product_id": "trivy-0.65.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.65.0-1.1.s390x",
"product": {
"name": "trivy-0.65.0-1.1.s390x",
"product_id": "trivy-0.65.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.65.0-1.1.x86_64",
"product": {
"name": "trivy-0.65.0-1.1.x86_64",
"product_id": "trivy-0.65.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.65.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64"
},
"product_reference": "trivy-0.65.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.65.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le"
},
"product_reference": "trivy-0.65.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.65.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x"
},
"product_reference": "trivy-0.65.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.65.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
},
"product_reference": "trivy-0.65.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22868"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22868",
"url": "https://www.suse.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "SUSE Bug 1239185 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239185"
},
{
"category": "external",
"summary": "SUSE Bug 1239186 for CVE-2025-22868",
"url": "https://bugzilla.suse.com/1239186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-30204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30204"
}
],
"notes": [
{
"category": "general",
"text": "golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30204",
"url": "https://www.suse.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "SUSE Bug 1240441 for CVE-2025-30204",
"url": "https://bugzilla.suse.com/1240441"
},
{
"category": "external",
"summary": "SUSE Bug 1240442 for CVE-2025-30204",
"url": "https://bugzilla.suse.com/1240442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-30204"
},
{
"cve": "CVE-2025-47291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47291"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. A bug was found in the containerd\u0027s CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn\u0027t put usernamespaced containers under the Kubernetes\u0027 cgroup hierarchy, therefore some Kubernetes limits are not honored. This may cause a denial of service of the Kubernetes node. This bug has been fixed in containerd 2.0.5+ and 2.1.0+. Users should update to these versions to resolve the issue. As a workaround, disable usernamespaced pods in Kubernetes temporarily.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47291",
"url": "https://www.suse.com/security/cve/CVE-2025-47291"
},
{
"category": "external",
"summary": "SUSE Bug 1243632 for CVE-2025-47291",
"url": "https://bugzilla.suse.com/1243632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.65.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.65.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47291"
}
]
}
OPENSUSE-SU-2025:15462-1
Vulnerability from csaf_opensuse - Published: 2025-08-19 00:00 - Updated: 2025-08-19 00:00Summary
go-sendxmpp-0.15.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: go-sendxmpp-0.15.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the go-sendxmpp-0.15.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15462
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go-sendxmpp-0.15.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go-sendxmpp-0.15.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15462",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15462-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
}
],
"title": "go-sendxmpp-0.15.0-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-19T00:00:00Z",
"generator": {
"date": "2025-08-19T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15462-1",
"initial_release_date": "2025-08-19T00:00:00Z",
"revision_history": [
{
"date": "2025-08-19T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.0-1.1.aarch64",
"product": {
"name": "go-sendxmpp-0.15.0-1.1.aarch64",
"product_id": "go-sendxmpp-0.15.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.0-1.1.ppc64le",
"product": {
"name": "go-sendxmpp-0.15.0-1.1.ppc64le",
"product_id": "go-sendxmpp-0.15.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.0-1.1.s390x",
"product": {
"name": "go-sendxmpp-0.15.0-1.1.s390x",
"product_id": "go-sendxmpp-0.15.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.0-1.1.x86_64",
"product": {
"name": "go-sendxmpp-0.15.0-1.1.x86_64",
"product_id": "go-sendxmpp-0.15.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.aarch64"
},
"product_reference": "go-sendxmpp-0.15.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.ppc64le"
},
"product_reference": "go-sendxmpp-0.15.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.s390x"
},
"product_reference": "go-sendxmpp-0.15.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.x86_64"
},
"product_reference": "go-sendxmpp-0.15.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
}
]
}
OPENSUSE-SU-2025:15772-1
Vulnerability from csaf_opensuse - Published: 2025-11-26 00:00 - Updated: 2025-11-26 00:00Summary
kubevirt-container-disk-1.6.3-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kubevirt-container-disk-1.6.3-1.1 on GA media
Description of the patch: These are all security issues fixed in the kubevirt-container-disk-1.6.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15772
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubevirt-container-disk-1.6.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubevirt-container-disk-1.6.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15772",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15772-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64433 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64433/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64437 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64437/"
}
],
"title": "kubevirt-container-disk-1.6.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-26T00:00:00Z",
"generator": {
"date": "2025-11-26T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15772-1",
"initial_release_date": "2025-11-26T00:00:00Z",
"revision_history": [
{
"date": "2025-11-26T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-container-disk-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-container-disk-1.6.3-1.1.aarch64",
"product_id": "kubevirt-container-disk-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-manifests-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-manifests-1.6.3-1.1.aarch64",
"product_id": "kubevirt-manifests-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"product_id": "kubevirt-pr-helper-conf-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"product_id": "kubevirt-sidecar-shim-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-tests-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-tests-1.6.3-1.1.aarch64",
"product_id": "kubevirt-tests-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-api-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-virt-api-1.6.3-1.1.aarch64",
"product_id": "kubevirt-virt-api-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-controller-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-virt-controller-1.6.3-1.1.aarch64",
"product_id": "kubevirt-virt-controller-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"product_id": "kubevirt-virt-exportproxy-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"product_id": "kubevirt-virt-exportserver-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-handler-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-virt-handler-1.6.3-1.1.aarch64",
"product_id": "kubevirt-virt-handler-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"product_id": "kubevirt-virt-launcher-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-operator-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-virt-operator-1.6.3-1.1.aarch64",
"product_id": "kubevirt-virt-operator-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-1.6.3-1.1.aarch64",
"product": {
"name": "kubevirt-virtctl-1.6.3-1.1.aarch64",
"product_id": "kubevirt-virtctl-1.6.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"product": {
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"product_id": "obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-container-disk-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-container-disk-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-container-disk-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-manifests-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-manifests-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-manifests-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-sidecar-shim-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-tests-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-tests-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-tests-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-api-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-virt-api-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-virt-api-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-virt-controller-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-virt-exportserver-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-virt-handler-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-virt-launcher-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-virt-operator-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-1.6.3-1.1.ppc64le",
"product": {
"name": "kubevirt-virtctl-1.6.3-1.1.ppc64le",
"product_id": "kubevirt-virtctl-1.6.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"product": {
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"product_id": "obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-container-disk-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-container-disk-1.6.3-1.1.s390x",
"product_id": "kubevirt-container-disk-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-manifests-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-manifests-1.6.3-1.1.s390x",
"product_id": "kubevirt-manifests-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"product_id": "kubevirt-pr-helper-conf-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"product_id": "kubevirt-sidecar-shim-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-tests-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-tests-1.6.3-1.1.s390x",
"product_id": "kubevirt-tests-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-api-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-virt-api-1.6.3-1.1.s390x",
"product_id": "kubevirt-virt-api-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-controller-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-virt-controller-1.6.3-1.1.s390x",
"product_id": "kubevirt-virt-controller-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"product_id": "kubevirt-virt-exportproxy-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"product_id": "kubevirt-virt-exportserver-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-handler-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-virt-handler-1.6.3-1.1.s390x",
"product_id": "kubevirt-virt-handler-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-launcher-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-virt-launcher-1.6.3-1.1.s390x",
"product_id": "kubevirt-virt-launcher-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-operator-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-virt-operator-1.6.3-1.1.s390x",
"product_id": "kubevirt-virt-operator-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-1.6.3-1.1.s390x",
"product": {
"name": "kubevirt-virtctl-1.6.3-1.1.s390x",
"product_id": "kubevirt-virtctl-1.6.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"product": {
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"product_id": "obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-container-disk-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-container-disk-1.6.3-1.1.x86_64",
"product_id": "kubevirt-container-disk-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-manifests-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-manifests-1.6.3-1.1.x86_64",
"product_id": "kubevirt-manifests-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"product_id": "kubevirt-pr-helper-conf-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"product_id": "kubevirt-sidecar-shim-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-tests-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-tests-1.6.3-1.1.x86_64",
"product_id": "kubevirt-tests-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-api-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-virt-api-1.6.3-1.1.x86_64",
"product_id": "kubevirt-virt-api-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-controller-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-virt-controller-1.6.3-1.1.x86_64",
"product_id": "kubevirt-virt-controller-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"product_id": "kubevirt-virt-exportproxy-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"product_id": "kubevirt-virt-exportserver-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-handler-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-virt-handler-1.6.3-1.1.x86_64",
"product_id": "kubevirt-virt-handler-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"product_id": "kubevirt-virt-launcher-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-operator-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-virt-operator-1.6.3-1.1.x86_64",
"product_id": "kubevirt-virt-operator-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-1.6.3-1.1.x86_64",
"product": {
"name": "kubevirt-virtctl-1.6.3-1.1.x86_64",
"product_id": "kubevirt-virtctl-1.6.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64",
"product": {
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64",
"product_id": "obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-container-disk-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-container-disk-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-container-disk-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-container-disk-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-container-disk-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-container-disk-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-container-disk-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-container-disk-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-manifests-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-manifests-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-manifests-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-manifests-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-pr-helper-conf-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-sidecar-shim-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-sidecar-shim-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-sidecar-shim-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-sidecar-shim-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-tests-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-tests-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-tests-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-tests-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-tests-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-tests-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-tests-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-tests-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-api-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-virt-api-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-api-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-virt-api-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-api-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-virt-api-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-api-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-virt-api-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-controller-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-virt-controller-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-controller-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-controller-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-virt-controller-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-controller-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-virt-controller-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportproxy-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportserver-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportserver-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportserver-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-exportserver-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-handler-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-virt-handler-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-handler-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-handler-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-virt-handler-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-handler-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-virt-handler-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-launcher-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-launcher-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-launcher-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-virt-launcher-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-launcher-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-operator-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-virt-operator-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-operator-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-operator-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-virt-operator-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virt-operator-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-virt-operator-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64"
},
"product_reference": "kubevirt-virtctl-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le"
},
"product_reference": "kubevirt-virtctl-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x"
},
"product_reference": "kubevirt-virtctl-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64"
},
"product_reference": "kubevirt-virtctl-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64"
},
"product_reference": "obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le"
},
"product_reference": "obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x"
},
"product_reference": "obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
},
"product_reference": "obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-64433",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64433"
}
],
"notes": [
{
"category": "general",
"text": "KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnerability was discovered that allows a VM to read arbitrary files from the virt-launcher pod\u0027s file system. This issue stems from improper symlink handling when mounting PVC disks into a VM. Specifically, if a malicious user has full or partial control over the contents of a PVC, they can create a symbolic link that points to a file within the virt-launcher pod\u0027s file system. Since libvirt can treat regular files as block devices, any file on the pod\u0027s file system that is symlinked in this way can be mounted into the VM and subsequently read. Although a security mechanism exists where VMs are executed as an unprivileged user with UID 107 inside the virt-launcher container, limiting the scope of accessible resources, this restriction is bypassed due to a second vulnerability. The latter causes the ownership of any file intended for mounting to be changed to the unprivileged user with UID 107 prior to mounting. As a result, an attacker can gain access to and read arbitrary files located within the virt-launcher pod\u0027s file system or on a mounted PVC from within the guest VM. This vulnerability is fixed in 1.5.3 and 1.6.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64433",
"url": "https://www.suse.com/security/cve/CVE-2025-64433"
},
{
"category": "external",
"summary": "SUSE Bug 1253185 for CVE-2025-64433",
"url": "https://bugzilla.suse.com/1253185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-64433"
},
{
"cve": "CVE-2025-64437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64437"
}
],
"notes": [
{
"category": "general",
"text": "KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the ownership of arbitrary files on the host node to the unprivileged user with UID 107 (the same user used by virt-launcher) thus, compromising the CIA (Confidentiality, Integrity and Availability) of data on the host. To successfully exploit this vulnerability, an attacker should be in control of the file system of the virt-launcher pod. This vulnerability is fixed in 1.5.3 and 1.6.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64437",
"url": "https://www.suse.com/security/cve/CVE-2025-64437"
},
{
"category": "external",
"summary": "SUSE Bug 1253194 for CVE-2025-64437",
"url": "https://bugzilla.suse.com/1253194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-container-disk-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-manifests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-pr-helper-conf-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-sidecar-shim-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-tests-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-api-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-controller-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportproxy-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-exportserver-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-handler-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-launcher-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virt-operator-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt-virtctl-1.6.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt_containers_meta-1.6.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-64437"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…