CVE-2025-32414 (GCVE-0-2025-32414)
Vulnerability from cvelistv5 – Published: 2025-04-08 00:00 – Updated: 2025-11-03 19:53
- CWE-393 - Return of Wrong Status Code
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32414",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T14:56:33.455181Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T14:57:02.635Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:53:25.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "libxml2",
"vendor": "xmlsoft",
"versions": [
{
"lessThan": "2.13.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.14.2",
"status": "affected",
"version": "2.14.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.13.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.14.2",
"versionStartIncluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-393",
"description": "CWE-393 Return of Wrong Status Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T02:55:58.812Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-32414",
"datePublished": "2025-04-08T00:00:00.000Z",
"dateReserved": "2025-04-08T00:00:00.000Z",
"dateUpdated": "2025-11-03T19:53:25.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-32414",
"date": "2026-06-04",
"epss": "0.00034",
"percentile": "0.10513"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-32414\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-04-08T03:15:15.940\",\"lastModified\":\"2025-11-03T20:18:27.087\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.\"},{\"lang\":\"es\",\"value\":\"En libxml2 anterior a la versi\u00f3n 2.13.8 y 2.14.x anterior a la versi\u00f3n 2.14.2, se pueden producir accesos a memoria fuera de los l\u00edmites en la API de Python (enlaces de Python) debido a un valor de retorno incorrecto. Esto ocurre en xmlPythonFileRead y xmlPythonFileReadRaw debido a una diferencia entre bytes y caracteres.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.4,\"impactScore\":3.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"description\":[{\"la
ng\":\"en\",\"value\":\"CWE-393\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-252\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.13.8\",\"matchCriteriaId\":\"DF308A16-618A-44BE-900E-3B65DCC0E428\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.14.0\",\"versionEndExcluding\":\"2.14.2\",\"matchCriteriaId\":\"9878007F-7139-47DE-BD8F-E0DFCAD038B7\"}]}]}],\"references\":[{\"url\":\"https://gitlab.gnome.org/GNOME/libxml2/-/issues/889\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://gitlab.gnome.org/GNOME/libxml2/-/issues/889\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T19:53:25.162Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-32414\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-09T14:56:33.455181Z\"}}}], \"references\": [{\"url\": \"https://gitlab.gnome.org/GNOME/libxml2/-/issues/889\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-09T14:56:56.583Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.6, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L\"}}], \"affected\": [{\"vendor\": \"xmlsoft\", \"product\": \"libxml2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.13.8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.14.0\", \"lessThan\": \"2.14.2\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://gitlab.gnome.org/GNOME/libxml2/-/issues/889\"}], \"x_generator\": {\"engine\": \"enrichogram 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. 
This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-393\", \"description\": \"CWE-393 Return of Wrong Status Code\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.13.8\"}, {\"criteria\": \"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.14.2\", \"versionStartIncluding\": \"2.14.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-04-08T02:55:58.812Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-32414\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T19:53:25.162Z\", \"dateReserved\": \"2025-04-08T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-04-08T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2025:16159
Vulnerability from csaf_redhat - Published: 2025-09-25 09:09 - Updated: 2026-06-02 15:24
A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.15.58 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.15.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.15.58. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2025:16158\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nSecurity Fix(es):\n\n* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)\n* libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables (CVE-2025-32415)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:16159",
"url": "https://access.redhat.com/errata/RHSA-2025:16159"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "2360768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_16159.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.15.58 bug fix and security update",
"tracking": {
"current_release_date": "2026-06-02T15:24:04+00:00",
"generator": {
"date": "2026-06-02T15:24:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:16159",
"initial_release_date": "2025-09-25T09:09:37+00:00",
"revision_history": [
{
"date": "2025-09-25T09:09:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-09-25T09:09:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:24:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.15",
"product": {
"name": "Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.15::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-415.92.202509170209-0",
"product": {
"name": "rhcos-aarch64-415.92.202509170209-0",
"product_id": "rhcos-aarch64-415.92.202509170209-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202509170209?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-415.92.202509170209-0",
"product": {
"name": "rhcos-ppc64le-415.92.202509170209-0",
"product_id": "rhcos-ppc64le-415.92.202509170209-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202509170209?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-415.92.202509170209-0",
"product": {
"name": "rhcos-s390x-415.92.202509170209-0",
"product_id": "rhcos-s390x-415.92.202509170209-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202509170209?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-415.92.202509170209-0",
"product": {
"name": "rhcos-x86_64-415.92.202509170209-0",
"product_id": "rhcos-x86_64-415.92.202509170209-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202509170209?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-415.92.202509170209-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0"
},
"product_reference": "rhcos-aarch64-415.92.202509170209-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-415.92.202509170209-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0"
},
"product_reference": "rhcos-ppc64le-415.92.202509170209-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-415.92.202509170209-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0"
},
"product_reference": "rhcos-s390x-415.92.202509170209-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-415.92.202509170209-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
},
"product_reference": "rhcos-x86_64-415.92.202509170209-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nThe vulnerability exists in the libxml2 package the bug arises because of a mismatch between characters vs. bytes handling: functions xmlPythonFileRead and xmlPythonFileReadRaw may compute a length incorrectly (mistaking character count for byte count), but for a successful exploitation of this bug requires local access, on top of that the path to exploitation is non trivial, where handling of python binding\u0027s and specific input handling of bytes and characters are required which makes this outside the scope of an attacker and increases the attack complexity, for these reasons this has been marked as moderate by Red Hat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-25T09:09:37+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:427fc0b133cc2aa45a68c36b603403ab278c845c0232e1c59387c4abfff01b9a\n\n (For s390x architecture)\n The image digest is sha256:ba89251bdd0f31c6a05306c3696dcaf38072eacf0b8ad8bfd7d8048b4038ccca\n\n (For ppc64le architecture)\n The image digest is sha256:9b60e5392e2733aab78a7a89f6735620ad229e415737c16b930efe59fe0810dd\n\n (For aarch64 architecture)\n The image digest is sha256:3843de0e1511bbe78f5045f6b7bcfbdc3f0836c9d07d5ec320033c8105a09890\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:16159"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
},
{
"cve": "CVE-2025-32415",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-04-17T18:00:46.954384+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2360768"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted XML file with the application linked to the libxml2 library. Additionally, the only security impact of this vulnerability is a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "RHBZ#2360768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32415",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32415"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890"
}
],
"release_date": "2025-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-25T09:09:37+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:427fc0b133cc2aa45a68c36b603403ab278c845c0232e1c59387c4abfff01b9a\n\n (For s390x architecture)\n The image digest is sha256:ba89251bdd0f31c6a05306c3696dcaf38072eacf0b8ad8bfd7d8048b4038ccca\n\n (For ppc64le architecture)\n The image digest is sha256:9b60e5392e2733aab78a7a89f6735620ad229e415737c16b930efe59fe0810dd\n\n (For aarch64 architecture)\n The image digest is sha256:3843de0e1511bbe78f5045f6b7bcfbdc3f0836c9d07d5ec320033c8105a09890\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:16159"
},
{
"category": "workaround",
"details": "Do not process untrusted files with the libxml2 library.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202509170209-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202509170209-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables"
}
]
}
RHSA-2025:22529
Vulnerability from csaf_redhat - Published: 2025-12-01 21:59 - Updated: 2026-06-03 17:13
A segmentation fault vulnerability was found in ncurses's convert_strings() function of tinfo/read_entry.c file. This flaw occurs due to corrupted terminfo data, triggering an out-of-bounds read error.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.
CWE-1188 - Initialization of a Resource with an Insecure Default
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — | ||
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A double-free vulnerability has been discovered in glibc (GNU C Library). This flaw occurs during bracket expression parsing within the regcomp function, specifically when a memory allocation failure takes place. Exploitation of a double-free vulnerability can lead to memory corruption, which could enable an attacker to achieve arbitrary code execution or a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. It is caused by a mismatch between the length of the file in bytes and its length in characters, since a Unicode character can occupy up to 4 bytes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints, or when a crafted XML schema is used. This crashes the application linked to the library, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A heap-buffer-overread vulnerability was found in how GnuTLS handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. Because the SCT extension is not checked correctly, confidential information can be exposed when GnuTLS verifies certificates from certain websites.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
A heap-buffer-overflow (off-by-one) flaw was found in the template parsing logic of the GnuTLS certtool utility. When certtool reads certain settings from a template file, the flaw allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial of service (DoS) that could potentially crash the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of Red Hat build of Ceph Storage has been released",
"title": "Topic"
},
{
"category": "general",
"text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22529",
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2022-29458",
"url": "https://access.redhat.com/security/cve/CVE-2022-29458"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56433",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11561",
"url": "https://access.redhat.com/security/cve/CVE-2025-11561"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32414",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32415",
"url": "https://access.redhat.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32988",
"url": "https://access.redhat.com/security/cve/CVE-2025-32988"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32989",
"url": "https://access.redhat.com/security/cve/CVE-2025-32989"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32990",
"url": "https://access.redhat.com/security/cve/CVE-2025-32990"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6395",
"url": "https://access.redhat.com/security/cve/CVE-2025-6395"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8058",
"url": "https://access.redhat.com/security/cve/CVE-2025-8058"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
"url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22529.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage",
"tracking": {
"current_release_date": "2026-06-03T17:13:13+00:00",
"generator": {
"date": "2026-06-03T17:13:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:22529",
"initial_release_date": "2025-12-01T21:59:44+00:00",
"revision_history": [
{
"date": "2025-12-01T21:59:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-01T21:59:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-03T17:13:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 7",
"product": {
"name": "Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:7::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3Ade1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3Aadaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ad3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3Ace213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd?arch=arm64\u0026repository_url=registry.redhat.io/rhceph"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-29458",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2022-04-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2076483"
}
],
"notes": [
{
"category": "description",
"text": "A segmentation fault vulnerability was found in ncurses\u0027s convert_strings() function of tinfo/read_entry.c file. This flaw occurs due to corrupted terminfo data, triggering an out-of-bounds read error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ncurses: segfaulting OOB read",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security classifies this issue as having a Low security impact. This vulnerability is present in the tic program which is only used at build-time and does not exist in libncurses. The exploit can only be triggered if the user performs a specific action, such as processing terminfo from source to compiled form using trusted input, which limits the practical impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29458"
},
{
"category": "external",
"summary": "RHBZ#2076483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458"
}
],
"release_date": "2022-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ncurses: segfaulting OOB read"
},
{
"cve": "CVE-2024-56433",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2024-12-26T09:00:54.065197+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2334165"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "RHBZ#2334165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241",
"url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/issues/1157",
"url": "https://github.com/shadow-maint/shadow/issues/1157"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/releases/tag/4.4",
"url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
}
],
"release_date": "2024-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise"
},
{
"cve": "CVE-2025-6395",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-07-07T09:30:13.037000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376755"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6395"
},
{
"category": "external",
"summary": "RHBZ#2376755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376755"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6395",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6395"
},
{
"category": "external",
"summary": "https://gitlab.com/gnutls/gnutls/-/issues/1718",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1718"
},
{
"category": "external",
"summary": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html"
}
],
"release_date": "2025-07-10T07:56:53.029000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8058",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-07-23T20:00:41.541234+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383146"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability has been discovered in glibc (GNU C Library). This flaw occurs during bracket expression parsing within the regcomp function, specifically when a memory allocation failure takes place. Exploitation of a double-free vulnerability can lead to memory corruption, which could enable an attacker to achieve arbitrary code execution or a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glibc: Double free in glibc",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8058"
},
{
"category": "external",
"summary": "RHBZ#2383146",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383146"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8058",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8058"
},
{
"category": "external",
"summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33185",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33185"
},
{
"category": "external",
"summary": "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f",
"url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f"
}
],
"release_date": "2025-07-23T19:57:17.138000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glibc: Double free in glibc"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"acknowledgments": [
{
"names": [
"Zavier Lee"
]
}
],
"cve": "CVE-2025-11561",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2025-10-09T12:57:29.851000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402727"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed this issue as High severity for domain-joined Linux systems using default SSSD configurations. While the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled by default, fallback to the an2ln plugin can occur, allowing a domain user who can modify certain Active Directory attributes (such as userPrincipalName or samAccountName) to map to privileged local accounts. This could lead to unauthorized access or elevated privileges on affected Linux hosts. Administrators are advised to review and apply recommended hardening configurations to mitigate this behavior.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11561"
},
{
"category": "external",
"summary": "RHBZ#2402727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402727"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11561",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11561"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11561",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11561"
},
{
"category": "external",
"summary": "https://blog.async.sg/kerberos-ldr",
"url": "https://blog.async.sg/kerberos-ldr"
},
{
"category": "external",
"summary": "https://github.com/SSSD/sssd/issues/8021",
"url": "https://github.com/SSSD/sssd/issues/8021"
}
],
"release_date": "2025-10-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure the SSSD Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is configured and the an2ln plugin is disabled by adding \"disable = an2ln\" in a krb5 include file, for example /var/lib/sss/pubconf/krb5.include.d/localauth_plugin, and make sure that file is included in the Kerberos configuration. Apply vendor updates and follow Red Hat guidance for SSSD hardening.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems"
},
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nThe vulnerability exists in the libxml2 package. The bug arises because of a mismatch between character and byte handling: the functions xmlPythonFileRead and xmlPythonFileReadRaw may compute a length incorrectly (mistaking character count for byte count). However, successful exploitation of this bug requires local access. On top of that, the path to exploitation is non-trivial: it requires handling of the Python bindings and specific input handling of bytes and characters, which makes this outside the scope of an attacker and increases the attack complexity. For these reasons, this has been marked as Moderate by Red Hat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
},
{
"cve": "CVE-2025-32415",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-04-17T18:00:46.954384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2360768"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to have a specially crafted XML file processed by the application linked to the libxml2 library. Additionally, the only security impact of this vulnerability is a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "RHBZ#2360768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32415",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32415"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890"
}
],
"release_date": "2025-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Do not process untrusted files with the libxml2 library.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables"
},
{
"cve": "CVE-2025-32988",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-04-15T01:21:36.833000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2359622"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure.\n\nThis vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: Vulnerability in GnuTLS otherName SAN export",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate rather than Important because, although it involves a memory management flaw (double-free) that can potentially lead to memory corruption, practical exploitation is limited by modern memory protection mechanisms and contextual constraints. The issue occurs only when processing malformed SAN otherName entries through public GnuTLS APIs\u2014an uncommon and controlled code path in most deployments. Furthermore, exploitation for arbitrary code execution is highly dependent on allocator behavior and requires precise heap manipulation, which is non-trivial under defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and hardened memory allocators. In the majority of cases, the outcome would be a crash or denial of service rather than a reliable compromise of integrity or confidentiality. Therefore, given its limited attack surface, dependency on crafted input, and the presence of strong runtime mitigations, the impact justifies a Moderate severity classification instead of Important.\n\nAs such, successfully triggering this vulnerability would require a sophisticated attack vector that is capable of accounting for the many native and deployed security mechanisms designed to detect and contain a double-free condition.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32988"
},
{
"category": "external",
"summary": "RHBZ#2359622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32988",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32988"
},
{
"category": "external",
"summary": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html"
}
],
"release_date": "2025-07-10T07:55:14.310000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: Vulnerability in GnuTLS otherName SAN export"
},
{
"cve": "CVE-2025-32989",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2025-04-15T01:21:36.512000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2359621"
}
],
"notes": [
{
"category": "description",
"text": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: Vulnerability in GnuTLS SCT extension parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32989"
},
{
"category": "external",
"summary": "RHBZ#2359621",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359621"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989"
},
{
"category": "external",
"summary": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html"
}
],
"release_date": "2025-07-10T07:54:13.541000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: Vulnerability in GnuTLS SCT extension parsing"
},
{
"cve": "CVE-2025-32990",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-04-15T01:21:36.656000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2359620"
}
],
"notes": [
{
"category": "description",
"text": "A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: Vulnerability in GnuTLS certtool template parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as a moderate severity because a heap-buffer-overflow (off-by-one) flaw was found exclusively in the certtool utility\u0027s template parsing logic (part of the gnutls-utils package), and does not affect the core gnutls library itself. This issue is triggered when the tool processes specially crafted settings from a template file, leading to an out-of-bounds NULL pointer write. The resulting memory corruption causes a denial-of-service by crashing the application.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32990"
},
{
"category": "external",
"summary": "RHBZ#2359620",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359620"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32990"
},
{
"category": "external",
"summary": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html"
}
],
"release_date": "2025-07-09T07:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-01T21:59:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22529"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:5a9b2a273a676301e4270312e5d03b2b19222d95ee0f95583fd1eedc956078cd_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:684398687e17d2eff4f713eaee18dea22bbe3285334bfad0d9812fab51c300a8_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:9394923ea473b90739587a7f90ec269963ec5ce399520d8f626d63ad1357a0a2_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d3f279fb0bf1b0e13fce85af7a3976149023cb85faf881bfcf515ae129c3b249_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:0c2ea384ae2c29dbbc965e9c24f1e6e78d2d1922dae44218c7585030c5a7a906_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:721cc49763de142a6eba2dd441ba0dc522500d385d65300219be48d2f31f0c74_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9fa023730bc77721a1d519ecc1a209b6d4c06b29baa3dcbb5f2dff2921c6cf27_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2fa401bf3bd53d4f2b9ad775b266ee897206e632a70e7a661409de7860b810c8_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9b67425fc074cc2154ac38dd8b5e92e5b2bbd46f8899683a23e9020e62ab5adf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:de1c3da36e3258c2b6032bf2e3f89fb2c6018489deab55bf97d2416294e4dcf6_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:27ce7c22853f9754b91e91cf9b88f9fb99ceea7b9555724fc36b0dddd83c93a4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:29f771b5f09b0e33d1c2589166a17368f5eec98e46efbe962ecc7a5c8d9ec923_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6ae4656046c69b9821519e54665d9bc6575f3cf35c3a83fa78b50b7efe95ef53_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6968e191b6f06b24febd441bd8b6b2d68236a6cee30a233d1ef6fc1191332204_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:992f1649dfed889b9af86da3dcb91a764dc4a0b5918c4ce0945a0c1f5329dfa5_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:adaa24cdf0a56c1fbda2f7ac7f977b07dfc8c12654cbdc8d9dc5c020b2736056_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gnutls: Vulnerability in GnuTLS certtool template parsing"
}
]
}
RHSA-2025:8958
Vulnerability from csaf_redhat - Published: 2025-06-11 22:21 - Updated: 2026-06-02 15:22

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes and its length in characters, as a Unicode character can occupy up to 4 bytes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8958",
"url": "https://access.redhat.com/errata/RHSA-2025:8958"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8958.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2026-06-02T15:22:47+00:00",
"generator": {
"date": "2026-06-02T15:22:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:8958",
"initial_release_date": "2025-06-11T22:21:36+00:00",
"revision_history": [
{
"date": "2025-06-11T22:21:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-06-11T22:21:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:22:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"product": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"product_id": "libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-20.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"product_id": "libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-20.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"product_id": "libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-20.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-20.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-20.el8_10.aarch64",
"product": {
"name": "libxml2-0:2.9.7-20.el8_10.aarch64",
"product_id": "libxml2-0:2.9.7-20.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-20.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"product": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"product_id": "python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-20.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"product_id": "libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-20.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-20.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-20.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-20.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-20.el8_10.ppc64le",
"product": {
"name": "libxml2-0:2.9.7-20.el8_10.ppc64le",
"product_id": "libxml2-0:2.9.7-20.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-20.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"product_id": "python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-20.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-20.el8_10.i686",
"product": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.i686",
"product_id": "libxml2-devel-0:2.9.7-20.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-20.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"product_id": "libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-20.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"product_id": "libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-20.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-20.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-20.el8_10.i686",
"product": {
"name": "libxml2-0:2.9.7-20.el8_10.i686",
"product_id": "libxml2-0:2.9.7-20.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-20.el8_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"product_id": "libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-20.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"product_id": "libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-20.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-20.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-20.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-20.el8_10.x86_64",
"product": {
"name": "libxml2-0:2.9.7-20.el8_10.x86_64",
"product_id": "libxml2-0:2.9.7-20.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-20.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"product_id": "python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-20.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-20.el8_10.s390x",
"product": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.s390x",
"product_id": "libxml2-devel-0:2.9.7-20.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-20.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"product": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"product_id": "libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-20.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"product_id": "libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-20.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-20.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-20.el8_10.s390x",
"product": {
"name": "libxml2-0:2.9.7-20.el8_10.s390x",
"product_id": "libxml2-0:2.9.7-20.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-20.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-20.el8_10.s390x",
"product": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.s390x",
"product_id": "python3-libxml2-0:2.9.7-20.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-20.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-20.el8_10.src",
"product": {
"name": "libxml2-0:2.9.7-20.el8_10.src",
"product_id": "libxml2-0:2.9.7-20.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-20.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "python3-libxml2-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "libxml2-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "python3-libxml2-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nThe vulnerability exists in the libxml2 package the bug arises because of a mismatch between characters vs. bytes handling: functions xmlPythonFileRead and xmlPythonFileReadRaw may compute a length incorrectly (mistaking character count for byte count), but for a successful exploitation of this bug requires local access, on top of that the path to exploitation is non trivial, where handling of python binding\u0027s and specific input handling of bytes and characters are required which makes this outside the scope of an attacker and increases the attack complexity, for these reasons this has been marked as moderate by Red Hat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-11T22:21:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-20.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-20.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
}
]
}
RHSA-2026:7519
Vulnerability from csaf_redhat - Published: 2026-04-10 21:28 - Updated: 2026-06-04 17:50
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.
CWE-121 - Stack-based Buffer Overflow
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libxslt/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
An out of bounds read flaw has been discovered in libxml2. This flaw could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in a crash of the program using libxml or other possible undefined behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.
CWE-674 - Uncontrolled Recursion

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated <nextCatalog> elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.
CWE-400 - Uncontrolled Resource Consumption

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:libxml2-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\nlibxml2:\n * libxml2-16-2.15.2-0.3.hum1 (aarch64, x86_64)\n * libxml2-2.15.2-0.3.hum1 (aarch64, x86_64)\n * libxml2-devel-2.15.2-0.3.hum1 (aarch64, x86_64)\n * libxml2-static-2.15.2-0.3.hum1 (aarch64, x86_64)\n * python3-libxml2-2.15.2-0.3.hum1 (aarch64, x86_64)\n * libxml2-2.15.2-0.3.hum1.src (src)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7519",
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32415",
"url": "https://access.redhat.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32414",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6170",
"url": "https://access.redhat.com/security/cve/CVE-2025-6170"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6021",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-49796",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-49795",
"url": "https://access.redhat.com/security/cve/CVE-2025-49795"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-49794",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-26434",
"url": "https://access.redhat.com/security/cve/CVE-2025-26434"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0992",
"url": "https://access.redhat.com/security/cve/CVE-2026-0992"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0990",
"url": "https://access.redhat.com/security/cve/CVE-2026-0990"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0989",
"url": "https://access.redhat.com/security/cve/CVE-2026-0989"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1757",
"url": "https://access.redhat.com/security/cve/CVE-2026-1757"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7519.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-06-04T17:50:14+00:00",
"generator": {
"date": "2026-06-04T17:50:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:7519",
"initial_release_date": "2026-04-10T21:28:45+00:00",
"revision_history": [
{
"date": "2026-04-10T21:28:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-22T09:28:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T17:50:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-main@aarch64",
"product": {
"name": "libxml2-main@aarch64",
"product_id": "libxml2-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-16@2.15.2-0.3.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-main@x86_64",
"product": {
"name": "libxml2-main@x86_64",
"product_id": "libxml2-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-16@2.15.2-0.3.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-main@src",
"product": {
"name": "libxml2-main@src",
"product_id": "libxml2-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.15.2-0.3.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:libxml2-main@aarch64"
},
"product_reference": "libxml2-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:libxml2-main@src"
},
"product_reference": "libxml2-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:libxml2-main@x86_64"
},
"product_reference": "libxml2-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6170",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-16T05:33:22.955000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated the severity of this vulnerability as Low, since it affects only the interactive shell mode of the xmllint tool and requires a user to manually run the tool and enter or receive specially crafted input. The exploitation requires local access and a highly specific usage scenario that is uncommon in typical environments. While it can cause a crash, the impact is limited to availability, and exploitation is unlikely in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6170"
},
{
"category": "external",
"summary": "RHBZ#2372952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6170",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6170"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941"
}
],
"release_date": "2025-06-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability. It is strongly recommended to apply the upstream patch once available.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxslt/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause infinite recursion via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits on the stack size of processes at the operating system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"cve": "CVE-2025-26434",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2025-09-05T17:01:34.688576+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393475"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds read flaw has been discovered in libxml2. This flaw could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Libxml2 out of bounds read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-26434"
},
{
"category": "external",
"summary": "RHBZ#2393475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-26434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26434"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-26434",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26434"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5e7874015ef5ed8b2705eb2f7b0960f56f7760ea",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5e7874015ef5ed8b2705eb2f7b0960f56f7760ea"
},
{
"category": "external",
"summary": "https://security-tracker.debian.org/tracker/CVE-2025-26434",
"url": "https://security-tracker.debian.org/tracker/CVE-2025-26434"
},
{
"category": "external",
"summary": "https://source.android.com/security/bulletin/android-16",
"url": "https://source.android.com/security/bulletin/android-16"
}
],
"release_date": "2025-09-05T16:10:02.497000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Libxml2 out of bounds read"
},
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nThe vulnerability exists in the libxml2 package. The bug arises from a mismatch between character and byte handling: the functions xmlPythonFileRead and xmlPythonFileReadRaw may compute a length incorrectly (mistaking a character count for a byte count). Successful exploitation requires local access, and the path to exploitation is non-trivial: it depends on use of the Python bindings and on specific handling of bytes and characters in the input, conditions that are largely outside an attacker\u0027s control and that increase the attack complexity. For these reasons, Red Hat has rated this issue Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
},
{
"cve": "CVE-2025-32415",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-04-17T18:00:46.954384+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2360768"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted XML file with the application linked to the libxml2 library. Additionally, the only security impact of this vulnerability is a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "RHBZ#2360768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32415",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32415"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890"
}
],
"release_date": "2025-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Do not process untrusted files with the libxml2 library.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in a crash of the program using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined behavior that could affect data integrity through the application overwriting sensitive data is not ruled out (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents until the libxml version containing the fix is installed.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49795",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-12T00:31:08.194000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372379"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Null pointer dereference leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is marked as Important rather than Moderate because it can be triggered through untrusted input and affects availability in a widely used XML processing library like libxml2, which is often embedded in system-level and server-side applications. Although it is \"just\" a NULL pointer dereference\u2014typically classified as a DoS\u2014the context significantly elevates its severity. libxml2 frequently operates in environments that parse external XML content, such as web services, security scanners, and document processors. A crafted XML exploiting malformed XPath in Schematron schemas can reliably crash the application without requiring special privileges or user interaction.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49795"
},
{
"category": "external",
"summary": "RHBZ#2372379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49795"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/932",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/932"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Null pointer dereference leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined behavior that could affect data integrity through the application overwriting sensitive data is not ruled out (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"lanbigking"
]
}
],
"cve": "CVE-2026-0989",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2026-01-15T12:36:12.129000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429933"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. The flaw in libxml2\u0027s RelaxNG include handling requires attacker-controlled schema input to trigger unbounded recursion, leading to a denial of service. Exploitation is limited to scenarios where applications process untrusted RelaxNG schema files.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0989"
},
{
"category": "external",
"summary": "RHBZ#2429933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429933"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0989",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0989"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/998",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/998"
}
],
"release_date": "2026-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict applications using libxml2 from processing untrusted RelaxNG schema files. Implement strict input validation and sanitization for all RelaxNG schema inputs to prevent the parsing of maliciously crafted, deeply nested include directives.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow"
},
{
"acknowledgments": [
{
"names": [
"Nick Wellnhofer"
]
}
],
"cve": "CVE-2026-0990",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2026-01-15T13:15:23.187000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. The flaw in libxml2, an XML parsing library, is configuration-dependent and occurs when processing specially crafted XML catalogs with self-referencing delegate URI entries. Exploitation requires an attacker to provide such a catalog, leading to a Denial of Service by crashing affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0990"
},
{
"category": "external",
"summary": "RHBZ#2429959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0990"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018"
}
],
"release_date": "2026-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing"
},
{
"acknowledgments": [
{
"names": [
"Nick Wellnhofer"
]
}
],
"cve": "CVE-2026-0992",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-01-15T13:29:32.742000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: libxml2: Denial of Service via crafted XML catalogs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. It affects applications that use the libxml2 library to process XML catalogs. An attacker must locally supply specially crafted XML catalogs containing repeated \u003cnextCatalog\u003e elements, which can lead to excessive CPU consumption and a denial-of-service condition due to redundant catalog chain traversal.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0992"
},
{
"category": "external",
"summary": "RHBZ#2429975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0992"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0992",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0992"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019"
}
],
"release_date": "2026-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "libxml2: libxml2: Denial of Service via crafted XML catalogs"
},
{
"acknowledgments": [
{
"names": [
"lanbigking"
]
}
],
"cve": "CVE-2026-1757",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2026-02-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2435940"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact flaw in the `xmllint` interactive shell allows a local attacker to cause a denial of service. By repeatedly providing whitespace-only input, an attacker can trigger a memory leak, leading to resource exhaustion and process termination. Exploitation requires local access to the system and interaction with the `xmllint` interactive shell.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1757"
},
{
"category": "external",
"summary": "RHBZ#2435940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1757",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1757"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1757",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1757"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009"
}
],
"release_date": "2026-02-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T21:28:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7519"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:libxml2-main@aarch64",
"Red Hat Hardened Images:libxml2-main@src",
"Red Hat Hardened Images:libxml2-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell"
}
]
}
SUSE-SU-2025:1435-1
Vulnerability from csaf_suse - Published: 2025-05-02 10:39 - Updated: 2025-05-02 10:39

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551)\n- CVE-2025-32415: Fixed a heap-based buffer under-read that may be triggered by a crafted XML document. (bsc#1241453)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1435,SUSE-SLE-Micro-5.3-2025-1435,SUSE-SLE-Micro-5.4-2025-1435",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1435-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1435-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251435-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1435-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039123.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241453",
"url": "https://bugzilla.suse.com/1241453"
},
{
"category": "self",
"summary": "SUSE Bug 1241551",
"url": "https://bugzilla.suse.com/1241551"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32414 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32415/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-05-02T10:39:17Z",
"generator": {
"date": "2025-05-02T10:39:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1435-1",
"initial_release_date": "2025-05-02T10:39:17Z",
"revision_history": [
{
"date": "2025-05-02T10:39:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.41.1.aarch64",
"product": {
"name": "libxml2-2-2.9.14-150400.5.41.1.aarch64",
"product_id": "libxml2-2-2.9.14-150400.5.41.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.41.1.aarch64",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.41.1.aarch64",
"product_id": "libxml2-devel-2.9.14-150400.5.41.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"product_id": "libxml2-tools-2.9.14-150400.5.41.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"product_id": "python3-libxml2-2.9.14-150400.5.41.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.41.1.aarch64",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.41.1.aarch64",
"product_id": "python311-libxml2-2.9.14-150400.5.41.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.9.14-150400.5.41.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.9.14-150400.5.41.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.9.14-150400.5.41.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.9.14-150400.5.41.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.9.14-150400.5.41.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.9.14-150400.5.41.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.41.1.i586",
"product": {
"name": "libxml2-2-2.9.14-150400.5.41.1.i586",
"product_id": "libxml2-2-2.9.14-150400.5.41.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.41.1.i586",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.41.1.i586",
"product_id": "libxml2-devel-2.9.14-150400.5.41.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.41.1.i586",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.i586",
"product_id": "libxml2-tools-2.9.14-150400.5.41.1.i586"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.41.1.i586",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.i586",
"product_id": "python3-libxml2-2.9.14-150400.5.41.1.i586"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.41.1.i586",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.41.1.i586",
"product_id": "python311-libxml2-2.9.14-150400.5.41.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.9.14-150400.5.41.1.noarch",
"product": {
"name": "libxml2-doc-2.9.14-150400.5.41.1.noarch",
"product_id": "libxml2-doc-2.9.14-150400.5.41.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.41.1.ppc64le",
"product": {
"name": "libxml2-2-2.9.14-150400.5.41.1.ppc64le",
"product_id": "libxml2-2-2.9.14-150400.5.41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.41.1.ppc64le",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.41.1.ppc64le",
"product_id": "libxml2-devel-2.9.14-150400.5.41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.41.1.ppc64le",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.ppc64le",
"product_id": "libxml2-tools-2.9.14-150400.5.41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.41.1.ppc64le",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.ppc64le",
"product_id": "python3-libxml2-2.9.14-150400.5.41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.41.1.ppc64le",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.41.1.ppc64le",
"product_id": "python311-libxml2-2.9.14-150400.5.41.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.41.1.s390x",
"product": {
"name": "libxml2-2-2.9.14-150400.5.41.1.s390x",
"product_id": "libxml2-2-2.9.14-150400.5.41.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.41.1.s390x",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.41.1.s390x",
"product_id": "libxml2-devel-2.9.14-150400.5.41.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.41.1.s390x",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.s390x",
"product_id": "libxml2-tools-2.9.14-150400.5.41.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.41.1.s390x",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.s390x",
"product_id": "python3-libxml2-2.9.14-150400.5.41.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.41.1.s390x",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.41.1.s390x",
"product_id": "python311-libxml2-2.9.14-150400.5.41.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.41.1.x86_64",
"product": {
"name": "libxml2-2-2.9.14-150400.5.41.1.x86_64",
"product_id": "libxml2-2-2.9.14-150400.5.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.9.14-150400.5.41.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.9.14-150400.5.41.1.x86_64",
"product_id": "libxml2-2-32bit-2.9.14-150400.5.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.41.1.x86_64",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.41.1.x86_64",
"product_id": "libxml2-devel-2.9.14-150400.5.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.9.14-150400.5.41.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.9.14-150400.5.41.1.x86_64",
"product_id": "libxml2-devel-32bit-2.9.14-150400.5.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"product_id": "libxml2-tools-2.9.14-150400.5.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"product_id": "python3-libxml2-2.9.14-150400.5.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.41.1.x86_64",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.41.1.x86_64",
"product_id": "python311-libxml2-2.9.14-150400.5.41.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.41.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.41.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.41.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x"
},
"product_reference": "libxml2-2-2.9.14-150400.5.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.41.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.41.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.41.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.41.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x"
},
"product_reference": "libxml2-2-2.9.14-150400.5.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.41.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.41.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.41.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32414"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32414",
"url": "https://www.suse.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "SUSE Bug 1241551 for CVE-2025-32414",
"url": "https://bugzilla.suse.com/1241551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T10:39:17Z",
"details": "moderate"
}
],
"title": "CVE-2025-32414"
},
{
"cve": "CVE-2025-32415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32415"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32415",
"url": "https://www.suse.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "SUSE Bug 1241453 for CVE-2025-32415",
"url": "https://bugzilla.suse.com/1241453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.41.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T10:39:17Z",
"details": "low"
}
],
"title": "CVE-2025-32415"
}
]
}
SUSE-SU-2025:1438-1
Vulnerability from csaf_suse - Published: 2025-05-02 13:44 - Updated: 2025-05-02 13:44

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551)\n- CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1438,SUSE-SLE-Micro-5.5-2025-1438,SUSE-SLE-Module-Basesystem-15-SP6-2025-1438,SUSE-SLE-Module-Python3-15-SP6-2025-1438,openSUSE-SLE-15.6-2025-1438",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1438-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1438-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251438-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1438-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039133.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241453",
"url": "https://bugzilla.suse.com/1241453"
},
{
"category": "self",
"summary": "SUSE Bug 1241551",
"url": "https://bugzilla.suse.com/1241551"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32414 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32415/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-05-02T13:44:11Z",
"generator": {
"date": "2025-05-02T13:44:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1438-1",
"initial_release_date": "2025-05-02T13:44:11Z",
"revision_history": [
{
"date": "2025-05-02T13:44:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.26.1.aarch64",
"product": {
"name": "libxml2-2-2.10.3-150500.5.26.1.aarch64",
"product_id": "libxml2-2-2.10.3-150500.5.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"product_id": "libxml2-devel-2.10.3-150500.5.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"product_id": "libxml2-tools-2.10.3-150500.5.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"product_id": "python3-libxml2-2.10.3-150500.5.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"product_id": "python311-libxml2-2.10.3-150500.5.26.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.10.3-150500.5.26.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.10.3-150500.5.26.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.10.3-150500.5.26.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.10.3-150500.5.26.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.10.3-150500.5.26.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.10.3-150500.5.26.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.26.1.i586",
"product": {
"name": "libxml2-2-2.10.3-150500.5.26.1.i586",
"product_id": "libxml2-2-2.10.3-150500.5.26.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.26.1.i586",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.i586",
"product_id": "libxml2-devel-2.10.3-150500.5.26.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.26.1.i586",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.i586",
"product_id": "libxml2-tools-2.10.3-150500.5.26.1.i586"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.26.1.i586",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.i586",
"product_id": "python3-libxml2-2.10.3-150500.5.26.1.i586"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.26.1.i586",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.i586",
"product_id": "python311-libxml2-2.10.3-150500.5.26.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.10.3-150500.5.26.1.noarch",
"product": {
"name": "libxml2-doc-2.10.3-150500.5.26.1.noarch",
"product_id": "libxml2-doc-2.10.3-150500.5.26.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"product": {
"name": "libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"product_id": "libxml2-2-2.10.3-150500.5.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"product_id": "libxml2-devel-2.10.3-150500.5.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"product_id": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"product_id": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"product_id": "python311-libxml2-2.10.3-150500.5.26.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.26.1.s390x",
"product": {
"name": "libxml2-2-2.10.3-150500.5.26.1.s390x",
"product_id": "libxml2-2-2.10.3-150500.5.26.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.26.1.s390x",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.s390x",
"product_id": "libxml2-devel-2.10.3-150500.5.26.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.26.1.s390x",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.s390x",
"product_id": "libxml2-tools-2.10.3-150500.5.26.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.26.1.s390x",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.s390x",
"product_id": "python3-libxml2-2.10.3-150500.5.26.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.26.1.s390x",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.s390x",
"product_id": "python311-libxml2-2.10.3-150500.5.26.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.26.1.x86_64",
"product": {
"name": "libxml2-2-2.10.3-150500.5.26.1.x86_64",
"product_id": "libxml2-2-2.10.3-150500.5.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"product_id": "libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"product_id": "libxml2-devel-2.10.3-150500.5.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"product_id": "libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"product_id": "libxml2-tools-2.10.3-150500.5.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"product_id": "python3-libxml2-2.10.3-150500.5.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"product_id": "python311-libxml2-2.10.3-150500.5.26.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-python3:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.ppc64le as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.10.3-150500.5.26.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch"
},
"product_reference": "libxml2-doc-2.10.3-150500.5.26.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32414"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32414",
"url": "https://www.suse.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "SUSE Bug 1241551 for CVE-2025-32414",
"url": "https://bugzilla.suse.com/1241551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T13:44:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-32414"
},
{
"cve": "CVE-2025-32415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32415"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32415",
"url": "https://www.suse.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "SUSE Bug 1241453 for CVE-2025-32415",
"url": "https://bugzilla.suse.com/1241453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.26.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.26.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T13:44:11Z",
"details": "low"
}
],
"title": "CVE-2025-32415"
}
]
}
SUSE-SU-2025:1439-1
Vulnerability from csaf_suse - Published: 2025-05-02 13:44 - Updated: 2025-05-02 13:44

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551)\n- CVE-2025-32415: Fixed a heap-based buffer under-read that a crafted XML document may trigger. (bsc#1241453)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1439,SUSE-SUSE-MicroOS-5.1-2025-1439,SUSE-SUSE-MicroOS-5.2-2025-1439,openSUSE-SLE-15.6-2025-1439",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1439-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1439-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251439-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1439-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039132.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241453",
"url": "https://bugzilla.suse.com/1241453"
},
{
"category": "self",
"summary": "SUSE Bug 1241551",
"url": "https://bugzilla.suse.com/1241551"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32414 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32415/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-05-02T13:44:39Z",
"generator": {
"date": "2025-05-02T13:44:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1439-1",
"initial_release_date": "2025-05-02T13:44:39Z",
"revision_history": [
{
"date": "2025-05-02T13:44:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.79.1.aarch64",
"product": {
"name": "libxml2-2-2.9.7-150000.3.79.1.aarch64",
"product_id": "libxml2-2-2.9.7-150000.3.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.79.1.aarch64",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.79.1.aarch64",
"product_id": "libxml2-devel-2.9.7-150000.3.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"product_id": "libxml2-tools-2.9.7-150000.3.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"product_id": "python2-libxml2-python-2.9.7-150000.3.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"product_id": "python3-libxml2-python-2.9.7-150000.3.79.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.9.7-150000.3.79.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.9.7-150000.3.79.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.9.7-150000.3.79.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.9.7-150000.3.79.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.9.7-150000.3.79.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.9.7-150000.3.79.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.79.1.i586",
"product": {
"name": "libxml2-2-2.9.7-150000.3.79.1.i586",
"product_id": "libxml2-2-2.9.7-150000.3.79.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.79.1.i586",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.79.1.i586",
"product_id": "libxml2-devel-2.9.7-150000.3.79.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.79.1.i586",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.i586",
"product_id": "libxml2-tools-2.9.7-150000.3.79.1.i586"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.i586",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.i586",
"product_id": "python2-libxml2-python-2.9.7-150000.3.79.1.i586"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.i586",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.i586",
"product_id": "python3-libxml2-python-2.9.7-150000.3.79.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.9.7-150000.3.79.1.noarch",
"product": {
"name": "libxml2-doc-2.9.7-150000.3.79.1.noarch",
"product_id": "libxml2-doc-2.9.7-150000.3.79.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.79.1.ppc64le",
"product": {
"name": "libxml2-2-2.9.7-150000.3.79.1.ppc64le",
"product_id": "libxml2-2-2.9.7-150000.3.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.79.1.ppc64le",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.79.1.ppc64le",
"product_id": "libxml2-devel-2.9.7-150000.3.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.79.1.ppc64le",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.ppc64le",
"product_id": "libxml2-tools-2.9.7-150000.3.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"product_id": "python2-libxml2-python-2.9.7-150000.3.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"product_id": "python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.79.1.s390x",
"product": {
"name": "libxml2-2-2.9.7-150000.3.79.1.s390x",
"product_id": "libxml2-2-2.9.7-150000.3.79.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.79.1.s390x",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.79.1.s390x",
"product_id": "libxml2-devel-2.9.7-150000.3.79.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.79.1.s390x",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.s390x",
"product_id": "libxml2-tools-2.9.7-150000.3.79.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.s390x",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.s390x",
"product_id": "python2-libxml2-python-2.9.7-150000.3.79.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"product_id": "python3-libxml2-python-2.9.7-150000.3.79.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.79.1.x86_64",
"product": {
"name": "libxml2-2-2.9.7-150000.3.79.1.x86_64",
"product_id": "libxml2-2-2.9.7-150000.3.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.9.7-150000.3.79.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.9.7-150000.3.79.1.x86_64",
"product_id": "libxml2-2-32bit-2.9.7-150000.3.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.79.1.x86_64",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.79.1.x86_64",
"product_id": "libxml2-devel-2.9.7-150000.3.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.9.7-150000.3.79.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.9.7-150000.3.79.1.x86_64",
"product_id": "libxml2-devel-32bit-2.9.7-150000.3.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"product_id": "libxml2-tools-2.9.7-150000.3.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"product_id": "python2-libxml2-python-2.9.7-150000.3.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"product_id": "python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.79.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.79.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x"
},
"product_reference": "libxml2-2-2.9.7-150000.3.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.79.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.79.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.79.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x"
},
"product_reference": "libxml2-2-2.9.7-150000.3.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.79.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.79.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.79.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32414"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32414",
"url": "https://www.suse.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "SUSE Bug 1241551 for CVE-2025-32414",
"url": "https://bugzilla.suse.com/1241551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T13:44:39Z",
"details": "moderate"
}
],
"title": "CVE-2025-32414"
},
{
"cve": "CVE-2025-32415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32415"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32415",
"url": "https://www.suse.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "SUSE Bug 1241453 for CVE-2025-32415",
"url": "https://bugzilla.suse.com/1241453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.79.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T13:44:39Z",
"details": "low"
}
],
"title": "CVE-2025-32415"
}
]
}
SUSE-SU-2025:1440-1
Vulnerability from csaf_suse - Published: 2025-05-02 13:44 - Updated: 2025-05-02 13:44

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64 | — | Vendor Fix |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64 | — | Vendor Fix |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551)\n- CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1440,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1440",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1440-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1440-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251440-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1440-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039131.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241453",
"url": "https://bugzilla.suse.com/1241453"
},
{
"category": "self",
"summary": "SUSE Bug 1241551",
"url": "https://bugzilla.suse.com/1241551"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32414 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32415/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-05-02T13:44:52Z",
"generator": {
"date": "2025-05-02T13:44:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1440-1",
"initial_release_date": "2025-05-02T13:44:52Z",
"revision_history": [
{
"date": "2025-05-02T13:44:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.84.1.aarch64",
"product": {
"name": "libxml2-2-2.9.4-46.84.1.aarch64",
"product_id": "libxml2-2-2.9.4-46.84.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.84.1.aarch64",
"product": {
"name": "libxml2-devel-2.9.4-46.84.1.aarch64",
"product_id": "libxml2-devel-2.9.4-46.84.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.84.1.aarch64",
"product": {
"name": "libxml2-tools-2.9.4-46.84.1.aarch64",
"product_id": "libxml2-tools-2.9.4-46.84.1.aarch64"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.84.1.aarch64",
"product": {
"name": "python-libxml2-2.9.4-46.84.1.aarch64",
"product_id": "python-libxml2-2.9.4-46.84.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.9.4-46.84.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.9.4-46.84.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.9.4-46.84.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.9.4-46.84.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.9.4-46.84.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.9.4-46.84.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.84.1.i586",
"product": {
"name": "libxml2-2-2.9.4-46.84.1.i586",
"product_id": "libxml2-2-2.9.4-46.84.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.84.1.i586",
"product": {
"name": "libxml2-devel-2.9.4-46.84.1.i586",
"product_id": "libxml2-devel-2.9.4-46.84.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.84.1.i586",
"product": {
"name": "libxml2-tools-2.9.4-46.84.1.i586",
"product_id": "libxml2-tools-2.9.4-46.84.1.i586"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.84.1.i586",
"product": {
"name": "python-libxml2-2.9.4-46.84.1.i586",
"product_id": "python-libxml2-2.9.4-46.84.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.9.4-46.84.1.noarch",
"product": {
"name": "libxml2-doc-2.9.4-46.84.1.noarch",
"product_id": "libxml2-doc-2.9.4-46.84.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.84.1.ppc64le",
"product": {
"name": "libxml2-2-2.9.4-46.84.1.ppc64le",
"product_id": "libxml2-2-2.9.4-46.84.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.84.1.ppc64le",
"product": {
"name": "libxml2-devel-2.9.4-46.84.1.ppc64le",
"product_id": "libxml2-devel-2.9.4-46.84.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.84.1.ppc64le",
"product": {
"name": "libxml2-tools-2.9.4-46.84.1.ppc64le",
"product_id": "libxml2-tools-2.9.4-46.84.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.84.1.ppc64le",
"product": {
"name": "python-libxml2-2.9.4-46.84.1.ppc64le",
"product_id": "python-libxml2-2.9.4-46.84.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.84.1.s390",
"product": {
"name": "libxml2-2-2.9.4-46.84.1.s390",
"product_id": "libxml2-2-2.9.4-46.84.1.s390"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.84.1.s390",
"product": {
"name": "libxml2-devel-2.9.4-46.84.1.s390",
"product_id": "libxml2-devel-2.9.4-46.84.1.s390"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.84.1.s390",
"product": {
"name": "libxml2-tools-2.9.4-46.84.1.s390",
"product_id": "libxml2-tools-2.9.4-46.84.1.s390"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.84.1.s390",
"product": {
"name": "python-libxml2-2.9.4-46.84.1.s390",
"product_id": "python-libxml2-2.9.4-46.84.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.84.1.s390x",
"product": {
"name": "libxml2-2-2.9.4-46.84.1.s390x",
"product_id": "libxml2-2-2.9.4-46.84.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.9.4-46.84.1.s390x",
"product": {
"name": "libxml2-2-32bit-2.9.4-46.84.1.s390x",
"product_id": "libxml2-2-32bit-2.9.4-46.84.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.84.1.s390x",
"product": {
"name": "libxml2-devel-2.9.4-46.84.1.s390x",
"product_id": "libxml2-devel-2.9.4-46.84.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.9.4-46.84.1.s390x",
"product": {
"name": "libxml2-devel-32bit-2.9.4-46.84.1.s390x",
"product_id": "libxml2-devel-32bit-2.9.4-46.84.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.84.1.s390x",
"product": {
"name": "libxml2-tools-2.9.4-46.84.1.s390x",
"product_id": "libxml2-tools-2.9.4-46.84.1.s390x"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.84.1.s390x",
"product": {
"name": "python-libxml2-2.9.4-46.84.1.s390x",
"product_id": "python-libxml2-2.9.4-46.84.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.84.1.x86_64",
"product": {
"name": "libxml2-2-2.9.4-46.84.1.x86_64",
"product_id": "libxml2-2-2.9.4-46.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"product_id": "libxml2-2-32bit-2.9.4-46.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.84.1.x86_64",
"product": {
"name": "libxml2-devel-2.9.4-46.84.1.x86_64",
"product_id": "libxml2-devel-2.9.4-46.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.9.4-46.84.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.9.4-46.84.1.x86_64",
"product_id": "libxml2-devel-32bit-2.9.4-46.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.84.1.x86_64",
"product": {
"name": "libxml2-tools-2.9.4-46.84.1.x86_64",
"product_id": "libxml2-tools-2.9.4-46.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.84.1.x86_64",
"product": {
"name": "python-libxml2-2.9.4-46.84.1.x86_64",
"product_id": "python-libxml2-2.9.4-46.84.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.4-46.84.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64"
},
"product_reference": "libxml2-2-2.9.4-46.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.4-46.84.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.4-46.84.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.4-46.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.9.4-46.84.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch"
},
"product_reference": "libxml2-doc-2.9.4-46.84.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.4-46.84.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.4-46.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-libxml2-2.9.4-46.84.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64"
},
"product_reference": "python-libxml2-2.9.4-46.84.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32414"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32414",
"url": "https://www.suse.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "SUSE Bug 1241551 for CVE-2025-32414",
"url": "https://bugzilla.suse.com/1241551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T13:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-32414"
},
{
"cve": "CVE-2025-32415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32415"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32415",
"url": "https://www.suse.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "SUSE Bug 1241453 for CVE-2025-32415",
"url": "https://bugzilla.suse.com/1241453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.84.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.84.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-02T13:44:52Z",
"details": "low"
}
],
"title": "CVE-2025-32415"
}
]
}
SUSE-SU-2025:20333-1
Vulnerability from csaf_suse - Published: 2025-05-21 11:23 - Updated: 2025-05-21 11:23
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-32414: Fixed out-of-bounds read when parsing text via the Python API (bsc#1241551)\n- CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read (bsc#1241453)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-329",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20333-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20333-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520333-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20333-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039441.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241453",
"url": "https://bugzilla.suse.com/1241453"
},
{
"category": "self",
"summary": "SUSE Bug 1241551",
"url": "https://bugzilla.suse.com/1241551"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32414 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32415/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-05-21T11:23:02Z",
"generator": {
"date": "2025-05-21T11:23:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20333-1",
"initial_release_date": "2025-05-21T11:23:02Z",
"revision_history": [
{
"date": "2025-05-21T11:23:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.11.6-8.1.aarch64",
"product": {
"name": "libxml2-2-2.11.6-8.1.aarch64",
"product_id": "libxml2-2-2.11.6-8.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.11.6-8.1.aarch64",
"product": {
"name": "libxml2-tools-2.11.6-8.1.aarch64",
"product_id": "libxml2-tools-2.11.6-8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.11.6-8.1.s390x",
"product": {
"name": "libxml2-2-2.11.6-8.1.s390x",
"product_id": "libxml2-2-2.11.6-8.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.11.6-8.1.s390x",
"product": {
"name": "libxml2-tools-2.11.6-8.1.s390x",
"product_id": "libxml2-tools-2.11.6-8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.11.6-8.1.x86_64",
"product": {
"name": "libxml2-2-2.11.6-8.1.x86_64",
"product_id": "libxml2-2-2.11.6-8.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.11.6-8.1.x86_64",
"product": {
"name": "libxml2-tools-2.11.6-8.1.x86_64",
"product_id": "libxml2-tools-2.11.6-8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.11.6-8.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64"
},
"product_reference": "libxml2-2-2.11.6-8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.11.6-8.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x"
},
"product_reference": "libxml2-2-2.11.6-8.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.11.6-8.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64"
},
"product_reference": "libxml2-2-2.11.6-8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.11.6-8.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64"
},
"product_reference": "libxml2-tools-2.11.6-8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.11.6-8.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x"
},
"product_reference": "libxml2-tools-2.11.6-8.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.11.6-8.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64"
},
"product_reference": "libxml2-tools-2.11.6-8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32414"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32414",
"url": "https://www.suse.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "SUSE Bug 1241551 for CVE-2025-32414",
"url": "https://bugzilla.suse.com/1241551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-21T11:23:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-32414"
},
{
"cve": "CVE-2025-32415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32415"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32415",
"url": "https://www.suse.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "SUSE Bug 1241453 for CVE-2025-32415",
"url": "https://bugzilla.suse.com/1241453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-2-2.11.6-8.1.x86_64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.aarch64",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.s390x",
"SUSE Linux Micro 6.0:libxml2-tools-2.11.6-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-21T11:23:02Z",
"details": "low"
}
],
"title": "CVE-2025-32415"
}
]
}
SUSE-SU-2025:20364-1
Vulnerability from csaf_suse - Published: 2025-05-28 09:00 - Updated: 2025-05-28 09:00
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-32414: Fixed out-of-bounds read when parsing text via the Python API (bsc#1241551).\n- CVE-2025-32415: Fixed heap-based buffer under-read via crafted XML documents (bsc#1241453).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-126",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20364-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20364-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520364-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20364-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/039495.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241453",
"url": "https://bugzilla.suse.com/1241453"
},
{
"category": "self",
"summary": "SUSE Bug 1241551",
"url": "https://bugzilla.suse.com/1241551"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32414 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32415/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-05-28T09:00:09Z",
"generator": {
"date": "2025-05-28T09:00:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20364-1",
"initial_release_date": "2025-05-28T09:00:09Z",
"revision_history": [
{
"date": "2025-05-28T09:00:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"product": {
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"product_id": "libxml2-2-2.11.6-slfo.1.1_3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"product": {
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"product_id": "libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"product": {
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"product_id": "libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"product": {
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"product_id": "libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"product": {
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"product_id": "libxml2-2-2.11.6-slfo.1.1_3.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"product": {
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"product_id": "libxml2-tools-2.11.6-slfo.1.1_3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"product": {
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"product_id": "libxml2-2-2.11.6-slfo.1.1_3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64",
"product": {
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64",
"product_id": "libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64"
},
"product_reference": "libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le"
},
"product_reference": "libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x"
},
"product_reference": "libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.11.6-slfo.1.1_3.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64"
},
"product_reference": "libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64"
},
"product_reference": "libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le"
},
"product_reference": "libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x"
},
"product_reference": "libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64"
},
"product_reference": "libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32414"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32414",
"url": "https://www.suse.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "SUSE Bug 1241551 for CVE-2025-32414",
"url": "https://bugzilla.suse.com/1241551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-28T09:00:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-32414"
},
{
"cve": "CVE-2025-32415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32415"
}
],
"notes": [
{
"category": "general",
"text": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32415",
"url": "https://www.suse.com/security/cve/CVE-2025-32415"
},
{
"category": "external",
"summary": "SUSE Bug 1241453 for CVE-2025-32415",
"url": "https://bugzilla.suse.com/1241453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-2-2.11.6-slfo.1.1_3.1.x86_64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libxml2-tools-2.11.6-slfo.1.1_3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-28T09:00:09Z",
"details": "low"
}
],
"title": "CVE-2025-32415"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user who reported the sighting.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.