Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-5914 (GCVE-0-2025-5914)
Vulnerability from cvelistv5 – Published: 2025-06-09 19:53 – Updated: 2026-04-20 18:25
VLAI
EPSS
Title
Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
Summary
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
Severity
7.8 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
32 references
Impacted products
61 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 3.8.0
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 10 |
Unaffected:
0:3.7.7-4.el10_0 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:10.0 |
|
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support |
Unaffected:
0:3.1.2-14.el7_9.1 , < *
(rpm)
cpe:/o:redhat:rhel_els:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:3.3.3-6.el8_10 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::crb |
|
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support |
Unaffected:
0:3.3.2-8.el8_2.1 , < *
(rpm)
cpe:/o:redhat:rhel_aus:8.2::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support |
Unaffected:
0:3.3.3-1.el8_4.1 , < *
(rpm)
cpe:/o:redhat:rhel_eus_long_life:8.4::baseos cpe:/o:redhat:rhel_aus:8.4::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On |
Unaffected:
0:3.3.3-1.el8_4.1 , < *
(rpm)
cpe:/o:redhat:rhel_eus_long_life:8.4::baseos cpe:/o:redhat:rhel_aus:8.4::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support |
Unaffected:
0:3.3.3-6.el8_6 , < *
(rpm)
cpe:/o:redhat:rhel_tus:8.6::baseos cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service |
Unaffected:
0:3.3.3-6.el8_6 , < *
(rpm)
cpe:/o:redhat:rhel_tus:8.6::baseos cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions |
Unaffected:
0:3.3.3-6.el8_6 , < *
(rpm)
cpe:/o:redhat:rhel_tus:8.6::baseos cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service |
Unaffected:
0:3.3.3-5.el8_8.1 , < *
(rpm)
cpe:/o:redhat:rhel_tus:8.8::baseos cpe:/o:redhat:rhel_e4s:8.8::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions |
Unaffected:
0:3.3.3-5.el8_8.1 , < *
(rpm)
cpe:/o:redhat:rhel_tus:8.8::baseos cpe:/o:redhat:rhel_e4s:8.8::baseos |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:3.5.3-6.el9_6 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:3.5.3-6.el9_6 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions |
Unaffected:
0:3.5.3-2.el9_0.1 , < *
(rpm)
cpe:/o:redhat:rhel_e4s:9.0::baseos cpe:/a:redhat:rhel_e4s:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions |
Unaffected:
0:3.5.3-5.el9_2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/o:redhat:rhel_e4s:9.2::baseos |
|
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support |
Unaffected:
0:3.5.3-4.el9_4.1 , < *
(rpm)
cpe:/o:redhat:rhel_eus:9.4::baseos cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
414.92.202510211419-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
415.92.202601271320-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
416.94.202601071926-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
417.94.202510112152-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
418.94.202510230424-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
4.19.9.6.202510140714-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
4.20.9.6.202509251656-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat Web Terminal 1.11 on RHEL 9 |
Unaffected:
1.11-19 , < *
(rpm)
cpe:/a:redhat:webterminal:1.11::el9 |
|
| Red Hat | Red Hat Web Terminal 1.11 on RHEL 9 |
Unaffected:
1.11-8 , < *
(rpm)
cpe:/a:redhat:webterminal:1.11::el9 |
|
| Red Hat | Red Hat Web Terminal 1.12 on RHEL 9 |
Unaffected:
1.12-4 , < *
(rpm)
cpe:/a:redhat:webterminal:1.12::el9 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-11 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-11 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-11 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-10 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-10 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-4 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-9 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-18 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-11 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | RHOSS-1.36-RHEL-8 |
Unaffected:
1.36.0-7 , < *
(rpm)
cpe:/a:redhat:openshift_serverless:1.36::el8 |
|
| Red Hat | cert-manager operator for Red Hat OpenShift 1.16 |
Unaffected:
sha256:1abdfac084e7c86e7a93a19e5cf6b54db79b903bfb7474a42200f753b29eda4b , < *
(rpm)
cpe:/a:redhat:cert_manager:1.16::el9 |
|
| Red Hat | File Integrity Operator 1 |
Unaffected:
sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605 , < *
(rpm)
cpe:/a:redhat:openshift_file_integrity_operator:1::el9 |
|
| Red Hat | OpenShift Compliance Operator 1 |
Unaffected:
sha256:4953a7ea865ff38a4fe19d5536d8062870c262733c640a2c7e4bd9e0bfb3d498 , < *
(rpm)
cpe:/a:redhat:openshift_compliance_operator:1::el9 |
|
| Red Hat | OpenShift Compliance Operator 1 |
Unaffected:
sha256:06ad8599c4b0170264e40a45b0126504c87c37f0832265c7ff6541d2385b2049 , < *
(rpm)
cpe:/a:redhat:openshift_compliance_operator:1::el9 |
|
| Red Hat | OpenShift Compliance Operator 1 |
Unaffected:
sha256:0903a7a5c857d96c84fd022e5785514eff201047e2fdd5d6699d79f17440ef02 , < *
(rpm)
cpe:/a:redhat:openshift_compliance_operator:1::el9 |
|
| Red Hat | Red Hat Discovery 2 |
Unaffected:
sha256:1c67d8d526ab4f2854947f7dccd8752a2efd414c0f1cbab17706fa91147e7cda , < *
(rpm)
cpe:/a:redhat:discovery:2::el9 |
|
| Red Hat | Red Hat Insights proxy 1.5 |
Unaffected:
sha256:3fa6c89778502bfb0b16ef8ff3c576467e8a21269afb2380c4ae176ee2fc7fec , < *
(rpm)
cpe:/a:redhat:insights_proxy:1.5::el9 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:5604dbb58d5e31f399f41ae4bf7a766272bf091a4e1bd6e89d1b85d62b0db93a , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:03b0aced2885356099971c8470add4b0f7732bcb380c74be3691d30c2894e5c0 , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:86d400b195958c287846ae60d76d2ec277740da3d3de033c7e72ab9a42370b4b , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:1413caf075bae338e12199fc8a6f53c13b491c81e3ad36251a09bceee554955d , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:6ceeba5ce034140d4144ead58de768d8f374aa3f1c4800855871c229ee1cd785 , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:044c58b2f2d18d5a20fd23dafc2db1ee6d6d48ac5c20706f176b8132d1d8ac96 , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:f250e39033d7cb1d786e5a7ec6798c25d4c5d8c6ecbcf6828915605fc4658da5 , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:35a048b43d21f9f05df76fc7cb5766eb1f708be1c0012f117fdc09851b8047e1 , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.5.1 |
Unaffected:
sha256:9b66a46b3a28084c45823268d1fa4ae953c50b996f3d265c5fc9f4bc3eb326b4 , < *
(rpm)
cpe:/a:redhat:openshift_distributed_tracing:3.5::el8 |
|
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 |
Unaffected:
sha256:24722900db1425bf0c27f6ad6f3fb7d79ff9ebc433bdab58423fa71bab76122b , < *
(rpm)
cpe:/a:redhat:confidential_compute_attestation:1.10::el9 |
|
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 |
Unaffected:
sha256:7b7c0b42ff8814d9d0cfa1b0ec9e58aebe79bc5cfbc658384f026d8493ae6fbe , < *
(rpm)
cpe:/a:redhat:confidential_compute_attestation:1.10::el9 |
|
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 |
Unaffected:
sha256:9ff002e628e5646b5ab3cc9201087847bea29569b4a1bc135b89d5c1a5f0a422 , < *
(rpm)
cpe:/a:redhat:confidential_compute_attestation:1.10::el9 |
|
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 |
Unaffected:
sha256:6b2da66d287083cf823f6efd8d61ba6a1be10eb6ba8cda484dea4e2ab67ae108 , < *
(rpm)
cpe:/a:redhat:confidential_compute_attestation:1.10::el9 |
|
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 |
Unaffected:
sha256:8f29671308ca658e32e97d5c3b482f7541aae1bca1b71f39b3276a9a334d8108 , < *
(rpm)
cpe:/a:redhat:confidential_compute_attestation:1.10::el9 |
|
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 |
Unaffected:
sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac , < *
(rpm)
cpe:/a:redhat:confidential_compute_attestation:1.10::el9 |
|
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 |
Unaffected:
sha256:616297cf428a55918fad3653d7aca18fe3c1f622ff63ab9885991bd6dbc6ed65 , < *
(rpm)
cpe:/a:redhat:confidential_compute_attestation:1.10::el9 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
Date Public
2025-05-20 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5914",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-10T15:14:35.773233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T15:30:42.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/libarchive/libarchive/pull/2598"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/libarchive/libarchive/",
"defaultStatus": "unaffected",
"packageName": "libarchive",
"versions": [
{
"lessThan": "3.8.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.0"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.7-4.el10_0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.1.2-14.el7_9.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::crb"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.3-6.el8_10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.2::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.2-8.el8_2.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
"cpe:/o:redhat:rhel_aus:8.4::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.3-1.el8_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
"cpe:/o:redhat:rhel_aus:8.4::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.3-1.el8_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.3-6.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.3-6.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.3-6.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_tus:8.8::baseos",
"cpe:/o:redhat:rhel_e4s:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.3-5.el8_8.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_tus:8.8::baseos",
"cpe:/o:redhat:rhel_e4s:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.3-5.el8_8.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.3-6.el9_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.3-6.el9_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.0::baseos",
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.3-2.el9_0.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream",
"cpe:/o:redhat:rhel_e4s:9.2::baseos"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.3-5.el9_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.4::baseos",
"cpe:/a:redhat:rhel_eus:9.4::crb",
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.3-4.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "414.92.202510211419-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "415.92.202601271320-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "416.94.202601071926-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "417.94.202510112152-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "418.94.202510230424-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.19.9.6.202510140714-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.20.9.6.202509251656-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:webterminal:1.11::el9"
],
"defaultStatus": "affected",
"packageName": "web-terminal/web-terminal-rhel9-operator",
"product": "Red Hat Web Terminal 1.11 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.11-19",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:webterminal:1.11::el9"
],
"defaultStatus": "affected",
"packageName": "web-terminal/web-terminal-tooling-rhel9",
"product": "Red Hat Web Terminal 1.11 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.11-8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:webterminal:1.12::el9"
],
"defaultStatus": "affected",
"packageName": "web-terminal/web-terminal-tooling-rhel9",
"product": "Red Hat Web Terminal 1.12 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.12-4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-data-index-ephemeral-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-11",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-data-index-postgresql-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-11",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-db-migrator-tool-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-11",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-management-console-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-rhel8-operator",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-18",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-swf-builder-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-11",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_serverless:1.36::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/logic-swf-devmode-rhel8",
"product": "RHOSS-1.36-RHEL-8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.36.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cert_manager:1.16::el9"
],
"defaultStatus": "affected",
"packageName": "cert-manager/jetstack-cert-manager-rhel9",
"product": "cert-manager operator for Red Hat OpenShift 1.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1abdfac084e7c86e7a93a19e5cf6b54db79b903bfb7474a42200f753b29eda4b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1::el9"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-file-integrity-rhel8-operator",
"product": "File Integrity Operator 1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1::el9"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-must-gather-rhel8",
"product": "OpenShift Compliance Operator 1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4953a7ea865ff38a4fe19d5536d8062870c262733c640a2c7e4bd9e0bfb3d498",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1::el9"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-openscap-rhel8",
"product": "OpenShift Compliance Operator 1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:06ad8599c4b0170264e40a45b0126504c87c37f0832265c7ff6541d2385b2049",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1::el9"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-rhel8-operator",
"product": "OpenShift Compliance Operator 1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0903a7a5c857d96c84fd022e5785514eff201047e2fdd5d6699d79f17440ef02",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"packageName": "discovery/discovery-server-rhel9",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1c67d8d526ab4f2854947f7dccd8752a2efd414c0f1cbab17706fa91147e7cda",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:insights_proxy:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "insights-proxy/insights-proxy-container-rhel9",
"product": "Red Hat Insights proxy 1.5",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:3fa6c89778502bfb0b16ef8ff3c576467e8a21269afb2380c4ae176ee2fc7fec",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-agent-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:5604dbb58d5e31f399f41ae4bf7a766272bf091a4e1bd6e89d1b85d62b0db93a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-all-in-one-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:03b0aced2885356099971c8470add4b0f7732bcb380c74be3691d30c2894e5c0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-collector-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:86d400b195958c287846ae60d76d2ec277740da3d3de033c7e72ab9a42370b4b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-es-index-cleaner-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1413caf075bae338e12199fc8a6f53c13b491c81e3ad36251a09bceee554955d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-es-rollover-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:6ceeba5ce034140d4144ead58de768d8f374aa3f1c4800855871c229ee1cd785",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-ingester-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:044c58b2f2d18d5a20fd23dafc2db1ee6d6d48ac5c20706f176b8132d1d8ac96",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-operator-bundle",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:f250e39033d7cb1d786e5a7ec6798c25d4c5d8c6ecbcf6828915605fc4658da5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-query-rhel8",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:35a048b43d21f9f05df76fc7cb5766eb1f708be1c0012f117fdc09851b8047e1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-rhel8-operator",
"product": "Red Hat OpenShift distributed tracing 3.5.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:9b66a46b3a28084c45823268d1fa4ae953c50b996f3d265c5fc9f4bc3eb326b4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9",
"product": "Red Hat OpenShift sandboxed containers 1.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:24722900db1425bf0c27f6ad6f3fb7d79ff9ebc433bdab58423fa71bab76122b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9",
"product": "Red Hat OpenShift sandboxed containers 1.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:7b7c0b42ff8814d9d0cfa1b0ec9e58aebe79bc5cfbc658384f026d8493ae6fbe",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
"product": "Red Hat OpenShift sandboxed containers 1.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:9ff002e628e5646b5ab3cc9201087847bea29569b4a1bc135b89d5c1a5f0a422",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-must-gather-rhel9",
"product": "Red Hat OpenShift sandboxed containers 1.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:6b2da66d287083cf823f6efd8d61ba6a1be10eb6ba8cda484dea4e2ab67ae108",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-podvm-builder-rhel9",
"product": "Red Hat OpenShift sandboxed containers 1.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:8f29671308ca658e32e97d5c3b482f7541aae1bca1b71f39b3276a9a334d8108",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-podvm-payload-rhel9",
"product": "Red Hat OpenShift sandboxed containers 1.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-rhel9-operator",
"product": "Red Hat OpenShift sandboxed containers 1.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:616297cf428a55918fad3653d7aca18fe3c1f622ff63ab9885991bd6dbc6ed65",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "libarchive",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
}
],
"datePublic": "2025-05-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-20T18:25:59.703Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:14130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14130"
},
{
"name": "RHSA-2025:14135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14135"
},
{
"name": "RHSA-2025:14137",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14137"
},
{
"name": "RHSA-2025:14141",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14141"
},
{
"name": "RHSA-2025:14142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14142"
},
{
"name": "RHSA-2025:14525",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14525"
},
{
"name": "RHSA-2025:14528",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14528"
},
{
"name": "RHSA-2025:14594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14594"
},
{
"name": "RHSA-2025:14644",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14644"
},
{
"name": "RHSA-2025:14808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14808"
},
{
"name": "RHSA-2025:14810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14810"
},
{
"name": "RHSA-2025:14828",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:14828"
},
{
"name": "RHSA-2025:15024",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:15024"
},
{
"name": "RHSA-2025:15397",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:15397"
},
{
"name": "RHSA-2025:15709",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:15709"
},
{
"name": "RHSA-2025:15827",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:15827"
},
{
"name": "RHSA-2025:15828",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:15828"
},
{
"name": "RHSA-2025:16524",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:16524"
},
{
"name": "RHSA-2025:18217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:18217"
},
{
"name": "RHSA-2025:18218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:18218"
},
{
"name": "RHSA-2025:18219",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:18219"
},
{
"name": "RHSA-2025:19041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:19041"
},
{
"name": "RHSA-2025:19046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:19046"
},
{
"name": "RHSA-2025:21885",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:21885"
},
{
"name": "RHSA-2025:21913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:21913"
},
{
"name": "RHSA-2026:0326",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
},
{
"name": "RHSA-2026:0934",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"name": "RHSA-2026:1541",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"name": "RHBZ#2370861",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-06T17:58:25.491Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-05-20T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-5914",
"datePublished": "2025-06-09T19:53:48.923Z",
"dateReserved": "2025-06-09T08:10:18.779Z",
"dateUpdated": "2026-04-20T18:25:59.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-5914",
"date": "2026-05-27",
"epss": "0.00114",
"percentile": "0.29626"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-5914\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-06-09T20:15:26.123\",\"lastModified\":\"2026-02-05T20:15:52.523\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en la librer\u00eda libarchive, espec\u00edficamente en la funci\u00f3n archive_read_format_rar_seek_data(). Esta falla implica un desbordamiento de enteros que puede provocar una condici\u00f3n de doble liberaci\u00f3n. Explotar una vulnerabilidad de doble liberaci\u00f3n puede provocar corrupci\u00f3n de memoria, lo que permite a un atacante ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.8.0\",\"matchCriteriaId\":\"FCC41392-D22A-4BE5-B7E7-DE5D6BA40052\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14130\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14135\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14137\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14141\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14142\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14525\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14528\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14594\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14644\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14808\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14810\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:14828\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:15024\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:15397\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:15709\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:15827\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:15828\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:16524\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:18217\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:18218\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:18219\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:19041\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:19046\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:21885\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:21913\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0326\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0934\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1541\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-5914\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2370861\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libarchive/libarchive/pull/2598\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/libarchive/libarchive/releases/tag/v3.8.0\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/libarchive/libarchive/pull/2598\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-5914\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-10T15:14:35.773233Z\"}}}], \"references\": [{\"url\": \"https://github.com/libarchive/libarchive/pull/2598\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-10T14:23:42.747Z\"}}], \"cna\": {\"title\": \"Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.8.0\", \"versionType\": \"semver\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://github.com/libarchive/libarchive/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.7.7-4.el10_0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_els:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7 Extended Lifecycle Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.1.2-14.el7_9.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\", \"cpe:/a:redhat:enterprise_linux:8::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.3-6.el8_10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.2::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.2 Advanced Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.2-8.el8_2.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\", \"cpe:/o:redhat:rhel_aus:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.3-1.el8_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\", \"cpe:/o:redhat:rhel_aus:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.3-1.el8_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.3-6.el8_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.3-6.el8_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.3-6.el8_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.8::baseos\", \"cpe:/o:redhat:rhel_e4s:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.3-5.el8_8.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.8::baseos\", \"cpe:/o:redhat:rhel_e4s:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.3.3-5.el8_8.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\", \"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.5.3-6.el9_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\", \"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.5.3-6.el9_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.0::baseos\", \"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.5.3-2.el9_0.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::appstream\", \"cpe:/o:redhat:rhel_e4s:9.2::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.5.3-5.el9_2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.4::baseos\", \"cpe:/a:redhat:rhel_eus:9.4::crb\", \"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.4 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.5.3-4.el9_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"414.92.202510211419-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"415.92.202601271320-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"416.94.202601071926-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"417.94.202510112152-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.18\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"418.94.202510230424-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.19\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.19.9.6.202510140714-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.20\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.20.9.6.202509251656-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.11 on RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.11-19\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"web-terminal/web-terminal-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.11 on RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.11-8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"web-terminal/web-terminal-tooling-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.12::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.12 on RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.12-4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"web-terminal/web-terminal-tooling-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-11\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-data-index-ephemeral-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-11\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-data-index-postgresql-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-11\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-db-migrator-tool-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-jobs-service-postgresql-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-management-console-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-18\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-rhel8-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-11\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-swf-builder-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_serverless:1.36::el8\"], \"vendor\": \"Red Hat\", \"product\": \"RHOSS-1.36-RHEL-8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.36.0-7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-serverless-1/logic-swf-devmode-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"cert-manager operator for Red Hat OpenShift 1.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:1abdfac084e7c86e7a93a19e5cf6b54db79b903bfb7474a42200f753b29eda4b\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"cert-manager/jetstack-cert-manager-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_file_integrity_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"File Integrity Operator 1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"compliance/openshift-file-integrity-rhel8-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Compliance Operator 1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:4953a7ea865ff38a4fe19d5536d8062870c262733c640a2c7e4bd9e0bfb3d498\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"compliance/openshift-compliance-must-gather-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Compliance Operator 1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:06ad8599c4b0170264e40a45b0126504c87c37f0832265c7ff6541d2385b2049\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"compliance/openshift-compliance-openscap-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Compliance Operator 1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:0903a7a5c857d96c84fd022e5785514eff201047e2fdd5d6699d79f17440ef02\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"compliance/openshift-compliance-rhel8-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:discovery:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Discovery 2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:1c67d8d526ab4f2854947f7dccd8752a2efd414c0f1cbab17706fa91147e7cda\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"discovery/discovery-server-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:insights_proxy:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Insights proxy 1.5\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:3fa6c89778502bfb0b16ef8ff3c576467e8a21269afb2380c4ae176ee2fc7fec\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"insights-proxy/insights-proxy-container-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:5604dbb58d5e31f399f41ae4bf7a766272bf091a4e1bd6e89d1b85d62b0db93a\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-agent-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:03b0aced2885356099971c8470add4b0f7732bcb380c74be3691d30c2894e5c0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-all-in-one-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:86d400b195958c287846ae60d76d2ec277740da3d3de033c7e72ab9a42370b4b\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-collector-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:1413caf075bae338e12199fc8a6f53c13b491c81e3ad36251a09bceee554955d\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-es-index-cleaner-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:6ceeba5ce034140d4144ead58de768d8f374aa3f1c4800855871c229ee1cd785\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-es-rollover-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:044c58b2f2d18d5a20fd23dafc2db1ee6d6d48ac5c20706f176b8132d1d8ac96\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-ingester-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:f250e39033d7cb1d786e5a7ec6798c25d4c5d8c6ecbcf6828915605fc4658da5\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-operator-bundle\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:35a048b43d21f9f05df76fc7cb5766eb1f708be1c0012f117fdc09851b8047e1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-query-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.5.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:9b66a46b3a28084c45823268d1fa4ae953c50b996f3d265c5fc9f4bc3eb326b4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhosdt/jaeger-rhel8-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift sandboxed containers 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:24722900db1425bf0c27f6ad6f3fb7d79ff9ebc433bdab58423fa71bab76122b\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift sandboxed containers 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:7b7c0b42ff8814d9d0cfa1b0ec9e58aebe79bc5cfbc658384f026d8493ae6fbe\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift sandboxed containers 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:9ff002e628e5646b5ab3cc9201087847bea29569b4a1bc135b89d5c1a5f0a422\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-sandboxed-containers/osc-monitor-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift sandboxed containers 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:6b2da66d287083cf823f6efd8d61ba6a1be10eb6ba8cda484dea4e2ab67ae108\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-sandboxed-containers/osc-must-gather-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift sandboxed containers 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:8f29671308ca658e32e97d5c3b482f7541aae1bca1b71f39b3276a9a334d8108\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-sandboxed-containers/osc-podvm-builder-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift sandboxed containers 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:59fb1f7f1653361d94f7d48b42d8fe19ed3263c1c78654837c11f2135544c1ac\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-sandboxed-containers/osc-podvm-payload-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift sandboxed containers 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:616297cf428a55918fad3653d7aca18fe3c1f622ff63ab9885991bd6dbc6ed65\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-sandboxed-containers/osc-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"libarchive\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-06-06T17:58:25.491Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-05-20T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-05-20T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2025:14130\", \"name\": \"RHSA-2025:14130\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14135\", \"name\": \"RHSA-2025:14135\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14137\", \"name\": \"RHSA-2025:14137\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14141\", \"name\": \"RHSA-2025:14141\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14142\", \"name\": \"RHSA-2025:14142\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14525\", \"name\": \"RHSA-2025:14525\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14528\", \"name\": \"RHSA-2025:14528\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14594\", \"name\": \"RHSA-2025:14594\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14644\", \"name\": \"RHSA-2025:14644\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14808\", \"name\": \"RHSA-2025:14808\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14810\", \"name\": \"RHSA-2025:14810\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:14828\", \"name\": \"RHSA-2025:14828\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:15024\", \"name\": \"RHSA-2025:15024\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:15397\", \"name\": \"RHSA-2025:15397\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:15709\", \"name\": \"RHSA-2025:15709\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:15827\", \"name\": \"RHSA-2025:15827\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:15828\", \"name\": \"RHSA-2025:15828\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:16524\", \"name\": \"RHSA-2025:16524\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:18217\", \"name\": \"RHSA-2025:18217\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:18218\", \"name\": \"RHSA-2025:18218\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:18219\", \"name\": \"RHSA-2025:18219\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:19041\", \"name\": \"RHSA-2025:19041\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:19046\", \"name\": \"RHSA-2025:19046\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:21885\", \"name\": \"RHSA-2025:21885\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:21913\", \"name\": \"RHSA-2025:21913\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0326\", \"name\": \"RHSA-2026:0326\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0934\", \"name\": \"RHSA-2026:0934\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1541\", \"name\": \"RHSA-2026:1541\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2025-5914\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2370861\", \"name\": \"RHBZ#2370861\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://github.com/libarchive/libarchive/pull/2598\"}, {\"url\": \"https://github.com/libarchive/libarchive/releases/tag/v3.8.0\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"Integer Overflow or Wraparound\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-04-20T18:25:59.703Z\"}, \"x_redhatCweChain\": \"CWE-190: Integer Overflow or Wraparound\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-5914\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-20T18:25:59.703Z\", \"dateReserved\": \"2025-06-09T08:10:18.779Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-06-09T19:53:48.923Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2025:21913
Vulnerability from csaf_redhat - Published: 2025-11-21 21:19 - Updated: 2026-05-19 21:13Summary
Red Hat Security Advisory: OpenShift File Integrity Operator bug fix and enhancement update
Severity
Important
Notes
Topic: An updated OpenShift File Integrity Operator image that fixes various bugs and adds new
enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.
Details: The OpenShift File Integrity Operator v1.3.7 is now available.
See the documentation for bug fix information:
https://docs.openshift.com/container-platform/latest/security/file_integrity_operator/file-integrity-operator-release-notes.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
7.8 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64 | — |
Vendor Fix
fix
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64 | — |
Threats
Impact
Important
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
7.7 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.
7.8 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64 | — |
Workaround
|
Threats
Impact
Important
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.
9.1 (Critical)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64 | — |
Workaround
|
Threats
Impact
Important
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
9.1 (Critical)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files. Additionally, the output of extended attribute key names and symbolic links targets is also not properly neutralized.
7.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64 | — |
Workaround
|
Threats
Impact
Important
References
40 references
Acknowledgments
Google Project Zero
Sergei Glazunov
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated OpenShift File Integrity Operator image that fixes various bugs and adds new\nenhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.",
"title": "Topic"
},
{
"category": "general",
"text": "The OpenShift File Integrity Operator v1.3.7 is now available.\nSee the documentation for bug fix information:\n\nhttps://docs.openshift.com/container-platform/latest/security/file_integrity_operator/file-integrity-operator-release-notes.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21913",
"url": "https://access.redhat.com/errata/RHSA-2025:21913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-49794",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-49796",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-54389",
"url": "https://access.redhat.com/security/cve/CVE-2025-54389"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5914",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-7425",
"url": "https://access.redhat.com/security/cve/CVE-2025-7425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21913.json"
}
],
"title": "Red Hat Security Advisory: OpenShift File Integrity Operator bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-05-19T21:13:30+00:00",
"generator": {
"date": "2026-05-19T21:13:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2025:21913",
"initial_release_date": "2025-11-21T21:19:46+00:00",
"revision_history": [
{
"date": "2025-11-21T21:19:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-21T21:19:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-19T21:13:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "File Integrity Operator 1",
"product": {
"name": "File Integrity Operator 1",
"product_id": "File Integrity Operator 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_file_integrity_operator:1::el9"
}
}
}
],
"category": "product_family",
"name": "File Integrity Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"product_id": "registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-file-integrity-operator-bundle@sha256%3A7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73?arch=amd64\u0026repository_url=registry.redhat.io/compliance"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64",
"product_id": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-file-integrity-rhel8-operator@sha256%3A86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9?arch=amd64\u0026repository_url=registry.redhat.io/compliance"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-file-integrity-rhel8-operator@sha256%3A364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"product_id": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-file-integrity-rhel8-operator@sha256%3A59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4?arch=s390x\u0026repository_url=registry.redhat.io/compliance"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64 as a component of File Integrity Operator 1",
"product_id": "File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"relates_to_product_reference": "File Integrity Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le as a component of File Integrity Operator 1",
"product_id": "File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"relates_to_product_reference": "File Integrity Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x as a component of File Integrity Operator 1",
"product_id": "File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"relates_to_product_reference": "File Integrity Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64 as a component of File Integrity Operator 1",
"product_id": "File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64",
"relates_to_product_reference": "File Integrity Operator 1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"known_not_affected": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-21T21:19:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21913"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"known_not_affected": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-21T21:19:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21913"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Sergei Glazunov"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-10T09:37:28.172000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This heap-use-after-free vulnerability in libxslt is rated Important because it can lead to memory corruption and application crashes. The flaw arises when internal attribute metadata (atype) is modified by libxslt\u0027s xsltSetSourceNodeFlags() function during processing of result tree fragments. If the flag corruption prevents proper removal of ID references, later memory cleanup routines may operate on already-freed memory. Since libxslt is commonly used in server-side XML processing, this could result in denial-of-service or potentially facilitate code execution under certain memory reuse conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"known_not_affected": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-7425"
},
{
"category": "external",
"summary": "RHBZ#2379274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7425"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140"
}
],
"release_date": "2025-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-21T21:19:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21913"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"known_not_affected": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-21T21:19:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21913"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"known_not_affected": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-21T21:19:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21913"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-54389",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2025-08-12T18:45:34.800000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE\u0027s detection of malicious files. Additionally, the output of extended attribute key names and symbolic links targets is also not properly neutralized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "aide: improper output neutralization enables bypassing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"known_not_affected": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-54389"
},
{
"category": "external",
"summary": "RHBZ#2388019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-54389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54389"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-54389",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54389"
}
],
"release_date": "2025-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-21T21:19:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21913"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64le",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390x",
"File Integrity Operator 1:registry.redhat.io/compliance/openshift-file-integrity-rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "aide: improper output neutralization enables bypassing"
}
]
}
RHSA-2026:0326
Vulnerability from csaf_redhat - Published: 2026-01-15 18:47 - Updated: 2026-05-27 07:48Summary
Red Hat Security Advisory: OpenShift Container Platform 4.16.55 bug fix and security update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.16.55 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.16.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.16.55. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/157888
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/
Security Fix(es):
* libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914)
* bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)
* bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)
* bind: Cache poisoning due to weak PRNG (CVE-2025-40780)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
* libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318)
* qemu-kvm: VNC WebSocket handshake use-after-free (CVE-2025-11234)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
7.8 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in BIND 9 resolvers, where processing malformed DNSKEY records from a specially crafted zone can lead to resource exhaustion, primarily causing excessive CPU utilization. This issue enables a remote, unauthenticated attacker to degrade resolver performance and potentially cause a denial of service (DoS) for legitimate DNS clients.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers.
8.6 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator (PRNG). This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS responses into the resolver’s cache, causing clients to receive spoofed DNS data. Authoritative servers are generally unaffected, but recursive resolvers are exposed to this risk. Exploitation is remote and does not require user interaction.
8.6 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
43 references
Acknowledgments
Ronald Crane
Cylo
Grant Millar
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.16.55 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.16.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.16.55. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/157888\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/\n\nSecurity Fix(es):\n\n* libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914)\n* bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)\n* bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)\n* bind: Cache poisoning due to weak PRNG (CVE-2025-40780)\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n* libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318)\n* qemu-kvm: VNC WebSocket handshake use-after-free (CVE-2025-11234)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0326",
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "2401209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401209"
},
{
"category": "external",
"summary": "2405827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405827"
},
{
"category": "external",
"summary": "2405829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405829"
},
{
"category": "external",
"summary": "2405830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405830"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0326.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.16.55 bug fix and security update",
"tracking": {
"current_release_date": "2026-05-27T07:48:32+00:00",
"generator": {
"date": "2026-05-27T07:48:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:0326",
"initial_release_date": "2026-01-15T18:47:30+00:00",
"revision_history": [
{
"date": "2026-01-15T18:47:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-15T18:47:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T07:48:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.16",
"product": {
"name": "Red Hat OpenShift Container Platform 4.16",
"product_id": "9Base-RHOSE-4.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-416.94.202601071926-0",
"product": {
"name": "rhcos-aarch64-416.94.202601071926-0",
"product_id": "rhcos-aarch64-416.94.202601071926-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@416.94.202601071926?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-416.94.202601071926-0",
"product": {
"name": "rhcos-ppc64le-416.94.202601071926-0",
"product_id": "rhcos-ppc64le-416.94.202601071926-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@416.94.202601071926?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-416.94.202601071926-0",
"product": {
"name": "rhcos-s390x-416.94.202601071926-0",
"product_id": "rhcos-s390x-416.94.202601071926-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@416.94.202601071926?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-416.94.202601071926-0",
"product": {
"name": "rhcos-x86_64-416.94.202601071926-0",
"product_id": "rhcos-x86_64-416.94.202601071926-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@416.94.202601071926?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-416.94.202601071926-0 as a component of Red Hat OpenShift Container Platform 4.16",
"product_id": "9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0"
},
"product_reference": "rhcos-aarch64-416.94.202601071926-0",
"relates_to_product_reference": "9Base-RHOSE-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-416.94.202601071926-0 as a component of Red Hat OpenShift Container Platform 4.16",
"product_id": "9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0"
},
"product_reference": "rhcos-ppc64le-416.94.202601071926-0",
"relates_to_product_reference": "9Base-RHOSE-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-416.94.202601071926-0 as a component of Red Hat OpenShift Container Platform 4.16",
"product_id": "9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0"
},
"product_reference": "rhcos-s390x-416.94.202601071926-0",
"relates_to_product_reference": "9Base-RHOSE-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-416.94.202601071926-0 as a component of Red Hat OpenShift Container Platform 4.16",
"product_id": "9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
},
"product_reference": "rhcos-x86_64-416.94.202601071926-0",
"relates_to_product_reference": "9Base-RHOSE-4.16"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T18:47:30+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:283a4968c61885c67fd17ea4d6920b665c98d53fa85fc897e067d3c4c131da3b\n\n (For s390x architecture)\n The image digest is sha256:5db06d746a26930aa3a8ec756f77cfcf76bcfb838327a5c71d3a0e6d920b85c6\n\n (For ppc64le architecture)\n The image digest is sha256:444378df90349f12c84ec1447dfb2afa40fd28e6596d8d9ab9a37b9013fc6a62\n\n (For aarch64 architecture)\n The image digest is sha256:c837b6a0325105e8f1487cdebf12d1b41eaa609a88f37baf986f5361ba66b08b\n\nAll OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T18:47:30+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:283a4968c61885c67fd17ea4d6920b665c98d53fa85fc897e067d3c4c131da3b\n\n (For s390x architecture)\n The image digest is sha256:5db06d746a26930aa3a8ec756f77cfcf76bcfb838327a5c71d3a0e6d920b85c6\n\n (For ppc64le architecture)\n The image digest is sha256:444378df90349f12c84ec1447dfb2afa40fd28e6596d8d9ab9a37b9013fc6a62\n\n (For aarch64 architecture)\n The image digest is sha256:c837b6a0325105e8f1487cdebf12d1b41eaa609a88f37baf986f5361ba66b08b\n\nAll OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"cve": "CVE-2025-8677",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405830"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in BIND 9 resolvers, where processing malformed DNSKEY records from a specially crafted zone can lead to resource exhaustion, primarily causing excessive CPU utilization. This issue enables a remote, unauthenticated attacker to degrade resolver performance and potentially cause a denial of service (DoS) for legitimate DNS clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bind: Resource exhaustion via malformed DNSKEY handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important because it allows a remote, unauthenticated attacker to cause significant CPU exhaustion on vulnerable BIND resolvers by serving zones containing malformed DNSKEY records. The flaw triggers excessive computational effort during DNSKEY validation, leading to degraded performance and potential denial of service for legitimate clients. However, the issue affects availability only\u2014it does not enable code execution, data exposure, or privilege escalation\u2014so it is not classified as critical. Furthermore, authoritative servers are not impacted, limiting the scope of exposure to recursive resolvers. While the attack is easy to launch and can disrupt DNS operations, its effect ceases once the malicious traffic stops, making prompt patching and recursive access control effective mitigations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8677"
},
{
"category": "external",
"summary": "RHBZ#2405830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405830"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8677"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T18:47:30+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:283a4968c61885c67fd17ea4d6920b665c98d53fa85fc897e067d3c4c131da3b\n\n (For s390x architecture)\n The image digest is sha256:5db06d746a26930aa3a8ec756f77cfcf76bcfb838327a5c71d3a0e6d920b85c6\n\n (For ppc64le architecture)\n The image digest is sha256:444378df90349f12c84ec1447dfb2afa40fd28e6596d8d9ab9a37b9013fc6a62\n\n (For aarch64 architecture)\n The image digest is sha256:c837b6a0325105e8f1487cdebf12d1b41eaa609a88f37baf986f5361ba66b08b\n\nAll OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nTo reduce risk, restrict recursive queries to trusted or internal networks only, and apply rate limiting or firewall rules to prevent excessive or repetitive requests. Enabling DNSSEC validation helps reject forged records, while isolating recursive resolvers from authoritative servers limits the impact of potential cache poisoning. Active monitoring of CPU usage, query volume, and cache anomalies can provide early warning of abuse or attacks.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bind: Resource exhaustion via malformed DNSKEY handling"
},
{
"acknowledgments": [
{
"names": [
"Grant Millar"
],
"organization": "Cylo"
}
],
"cve": "CVE-2025-11234",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401209"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qemu-kvm: VNC WebSocket handshake use-after-free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been rated as Moderate because it only affects the WebSocket protocol for communication (the VNC raw TCP socket is not affected) and the use of QEMU\u0027s in-process WebSocket feature is fairly niche.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11234"
},
{
"category": "external",
"summary": "RHBZ#2401209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401209"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11234"
}
],
"release_date": "2025-09-30T12:18:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T18:47:30+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:283a4968c61885c67fd17ea4d6920b665c98d53fa85fc897e067d3c4c131da3b\n\n (For s390x architecture)\n The image digest is sha256:5db06d746a26930aa3a8ec756f77cfcf76bcfb838327a5c71d3a0e6d920b85c6\n\n (For ppc64le architecture)\n The image digest is sha256:444378df90349f12c84ec1447dfb2afa40fd28e6596d8d9ab9a37b9013fc6a62\n\n (For aarch64 architecture)\n The image digest is sha256:c837b6a0325105e8f1487cdebf12d1b41eaa609a88f37baf986f5361ba66b08b\n\nAll OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "qemu-kvm: VNC WebSocket handshake use-after-free"
},
{
"cve": "CVE-2025-40778",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-10-22T15:07:23.729000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405827"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability exists in BIND\u2019s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bind: Cache poisoning attacks with unsolicited RRs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It is classified as Important rather than Critical because its impact is limited to cache poisoning within recursive resolvers and does not allow direct code execution, privilege escalation, or service disruption. The vulnerability affects the accuracy of DNS responses, but not the availability or confidentiality of systems. Additionally, DNSSEC-enabled deployments and restricted recursive access can significantly mitigate exploitation risks. Therefore, while the flaw can misdirect network traffic and compromise trust in name resolution, it does not directly compromise the underlying server or client systems, justifying an Important \u2014 but not Critical \u2014 severity rating.\n\nTechnical Analysis:\nThe issue arises because BIND fails to strictly validate unsolicited resource records accompanying legitimate DNS responses. This gap allows forged recursive resolvers to be cached as valid entries. Since the attack is remote, requires no authentication, and exploits a low-complexity vector, it is highly impactful in recursive resolver environments\u2014especially those exposed to untrusted clients or open resolvers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40778"
},
{
"category": "external",
"summary": "RHBZ#2405827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405827"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40778"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T18:47:30+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:283a4968c61885c67fd17ea4d6920b665c98d53fa85fc897e067d3c4c131da3b\n\n (For s390x architecture)\n The image digest is sha256:5db06d746a26930aa3a8ec756f77cfcf76bcfb838327a5c71d3a0e6d920b85c6\n\n (For ppc64le architecture)\n The image digest is sha256:444378df90349f12c84ec1447dfb2afa40fd28e6596d8d9ab9a37b9013fc6a62\n\n (For aarch64 architecture)\n The image digest is sha256:c837b6a0325105e8f1487cdebf12d1b41eaa609a88f37baf986f5361ba66b08b\n\nAll OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
},
{
"category": "workaround",
"details": "While it is not possible to eliminate risk from this vulnerability, there are several options for reducing the risk. These include restricting recursive queries to trusted or internal networks only, and apply rate limiting or firewall rules to prevent excessive or repetitive requests. Enabling DNSSEC validation helps reject forged records, while isolating recursive resolvers from authoritative servers limits the impact of potential cache poisoning. Active monitoring of CPU usage, query volume, and cache anomalies can provide early warning of abuse or attacks.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bind: Cache poisoning attacks with unsolicited RRs"
},
{
"cve": "CVE-2025-40780",
"cwe": {
"id": "CWE-338",
"name": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
},
"discovery_date": "2025-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405829"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator (PRNG). This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS responses into the resolver\u2019s cache, causing clients to receive spoofed DNS data. Authoritative servers are generally unaffected, but recursive resolvers are exposed to this risk. Exploitation is remote and does not require user interaction.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bind: Cache poisoning due to weak PRNG",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in BIND 9 resolvers caused by a weakness in the Pseudo Random Number Generator (PRNG) used to select the UDP source port and DNS query (transaction) ID. Exploitation requires an attacker to correctly predict both values and race the legitimate authoritative response with a spoofed packet to perform cache poisoning. While the PRNG weakness reduces entropy and makes prediction feasible under certain conditions, this still requires precise timing, on-path or spoofing capabilities, and targeting of recursive resolvers.\n\nThe impact is limited to resolver cache integrity; it does not allow remote code execution, privilege escalation, or direct compromise of the BIND server itself. Authoritative servers are not affected. Additionally, operational mitigations such as DNSSEC validation, access control restricting recursion, and network-level packet filtering reduce real-world exploitability. No active exploits have been observed in the wild.\n\nBecause exploitation is non-trivial, requires network-level spoofing and precise timing, and only affects cache integrity without server compromise, the vulnerability is considered Important rather than Critical.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40780"
},
{
"category": "external",
"summary": "RHBZ#2405829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40780",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40780"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T18:47:30+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:283a4968c61885c67fd17ea4d6920b665c98d53fa85fc897e067d3c4c131da3b\n\n (For s390x architecture)\n The image digest is sha256:5db06d746a26930aa3a8ec756f77cfcf76bcfb838327a5c71d3a0e6d920b85c6\n\n (For ppc64le architecture)\n The image digest is sha256:444378df90349f12c84ec1447dfb2afa40fd28e6596d8d9ab9a37b9013fc6a62\n\n (For aarch64 architecture)\n The image digest is sha256:c837b6a0325105e8f1487cdebf12d1b41eaa609a88f37baf986f5361ba66b08b\n\nAll OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nTo reduce risk, restrict recursive queries to trusted or internal networks only, and apply rate limiting or firewall rules to prevent excessive or repetitive requests. Enabling DNSSEC validation helps reject forged records, while isolating recursive resolvers from authoritative servers limits the impact of potential cache poisoning. Active monitoring of CPU usage, query volume, and cache anomalies can provide early warning of abuse or attacks.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bind: Cache poisoning due to weak PRNG"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T18:47:30+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:283a4968c61885c67fd17ea4d6920b665c98d53fa85fc897e067d3c4c131da3b\n\n (For s390x architecture)\n The image digest is sha256:5db06d746a26930aa3a8ec756f77cfcf76bcfb838327a5c71d3a0e6d920b85c6\n\n (For ppc64le architecture)\n The image digest is sha256:444378df90349f12c84ec1447dfb2afa40fd28e6596d8d9ab9a37b9013fc6a62\n\n (For aarch64 architecture)\n The image digest is sha256:c837b6a0325105e8f1487cdebf12d1b41eaa609a88f37baf986f5361ba66b08b\n\nAll OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0326"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.16:rhcos-aarch64-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-ppc64le-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-s390x-416.94.202601071926-0",
"9Base-RHOSE-4.16:rhcos-x86_64-416.94.202601071926-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2026:0934
Vulnerability from csaf_redhat - Published: 2026-01-22 04:35 - Updated: 2026-05-27 07:48Summary
Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.36.0 security update & enhancements
Severity
Important
Notes
Topic: Release of OpenShift Serverless Logic 1.36.0
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release includes CVE bug fixes:
* CVE-2024-12718 python3-libs-3.6.8-69.el8_10.x86_64 platform-python-3.6.8-69.el8_10.x86_64 RHSA-2025:10128
* CVE-2025-30749 java-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64 java-17-openjdk-17.0.15.0.6-2.el8.x86_64 java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64 RHSA-2025:10867
* CVE-2025-40778 python3-bind-9.11.36-16.el8_10.4.noarch bind-license-9.11.36-16.el8_10.4.noarch bind-libs-9.11.36-16.el8_10.4.x86_64 bind-libs-lite-9.11.36-16.el8_10.4.x86_64 bind-utils-9.11.36-16.el8_10.4.x86_64 RHSA-2025:19835
* CVE-2025-4138 platform-python-3.6.8-69.el8_10.x86_64 python3-libs-3.6.8-69.el8_10.x86_64 RHSA-2025:10128
* CVE-2025-4517 python3-libs-3.6.8-69.el8_10.x86_64 platform-python-3.6.8-69.el8_10.x86_64 RHSA-2025:10128
* CVE-2025-49794 libxml2-2.9.7-19.el8_10.x86_64 RHSA-2025:10698
* CVE-2025-49796 libxml2-2.9.7-19.el8_10.x86_64 RHSA-2025:10698
* CVE-2025-50059 java-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64java-17-openjdk-17.0.15.0.6-2.el8.x86_64 java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64 RHSA-2025:10867
* CVE-2025-50106 java-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64, java-17-openjdk-17.0.15.0.6-2.el8.x86_64java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64 RHSA-2025:10867
* CVE-2025-58060 cups-libs-2.2.6-62.el8_10.x86_64 RHSA-2025:15702
* CVE-2025-5914 libarchive-3.3.3-5.el8.x86_64 RHSA-2025:14135
* CVE-2025-59375 expat-2.2.5-17.el8_10.x86_64 RHSA-2025:21776
* CVE-2025-6020 pam-1.3.1-36.el8_10.x86_64 RHSA-2025:10027
* CVE-2025-6965 sqlite-libs-3.26.0-19.el8_9.x86_64 RHSA-2025:12010
* CVE-2025-7425 libxml2-2.9.7-19.el8_10.x86_64 RHSA-2025:12450
* CVE-2025-8941 pam-1.3.1-36.el8_10.x86_64 RHSA-2025:14557
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in CPython's tarfile module. This vulnerability allows modification of file metadata, such as timestamps or permissions, outside the intended extraction directory via maliciously crafted tar archives using the filter="data" or filter="tar" extraction filters.
7.6 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract() or TarFile.extractall() with the filter= parameter set to "data" or "tar".
7.5 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to "data" or "tar".
7.6 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
7.8 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — | ||
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Threats
Impact
Important
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
7.8 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
7.7 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.
7.8 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
7.8 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
8.1 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — | ||
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Threats
Impact
Important
A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers.
8.6 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.
9.1 (Critical)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
9.1 (Critical)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).
8.6 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — | ||
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Threats
Impact
Important
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
8.1 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — | ||
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Threats
Impact
Important
A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize() function, the password is not checked. This vulnerability allows attackers to bypass authentication entirely, resulting in unauthorized access to administrative functions and system configuration.
8.0 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
5.3 (Medium)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 | — |
Workaround
|
Threats
Impact
Important
References
102 references
Acknowledgments
ANSSI - French Cybersecurity Agency
Olivier BAL-PETRE
Google Project Zero
Sergei Glazunov
Hristo Venev
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Release of OpenShift Serverless Logic 1.36.0\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release includes CVE bug fixes:\n* CVE-2024-12718\tpython3-libs-3.6.8-69.el8_10.x86_64 platform-python-3.6.8-69.el8_10.x86_64\tRHSA-2025:10128\n* CVE-2025-30749\tjava-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64 java-17-openjdk-17.0.15.0.6-2.el8.x86_64 java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64\tRHSA-2025:10867\n* CVE-2025-40778\tpython3-bind-9.11.36-16.el8_10.4.noarch bind-license-9.11.36-16.el8_10.4.noarch bind-libs-9.11.36-16.el8_10.4.x86_64 bind-libs-lite-9.11.36-16.el8_10.4.x86_64 bind-utils-9.11.36-16.el8_10.4.x86_64\tRHSA-2025:19835\n* CVE-2025-4138\tplatform-python-3.6.8-69.el8_10.x86_64 python3-libs-3.6.8-69.el8_10.x86_64\tRHSA-2025:10128\n* CVE-2025-4517\tpython3-libs-3.6.8-69.el8_10.x86_64 platform-python-3.6.8-69.el8_10.x86_64\tRHSA-2025:10128\n* CVE-2025-49794\tlibxml2-2.9.7-19.el8_10.x86_64\tRHSA-2025:10698\n* CVE-2025-49796\tlibxml2-2.9.7-19.el8_10.x86_64\tRHSA-2025:10698\n* CVE-2025-50059\tjava-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64java-17-openjdk-17.0.15.0.6-2.el8.x86_64 java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64\tRHSA-2025:10867\n* CVE-2025-50106\tjava-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64, java-17-openjdk-17.0.15.0.6-2.el8.x86_64java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64\tRHSA-2025:10867\n* CVE-2025-58060\tcups-libs-2.2.6-62.el8_10.x86_64\tRHSA-2025:15702\n* CVE-2025-5914\tlibarchive-3.3.3-5.el8.x86_64\tRHSA-2025:14135\n* CVE-2025-59375\texpat-2.2.5-17.el8_10.x86_64\tRHSA-2025:21776\n* CVE-2025-6020\tpam-1.3.1-36.el8_10.x86_64\tRHSA-2025:10027\n* CVE-2025-6965\tsqlite-libs-3.26.0-19.el8_9.x86_64\tRHSA-2025:12010\n* CVE-2025-7425\tlibxml2-2.9.7-19.el8_10.x86_64\tRHSA-2025:12450\n* CVE-2025-8941\tpam-1.3.1-36.el8_10.x86_64\tRHSA-2025:14557",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0934",
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2370013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013"
},
{
"category": "external",
"summary": "2370016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016"
},
{
"category": "external",
"summary": "2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426"
},
{
"category": "external",
"summary": "2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "2376783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376783"
},
{
"category": "external",
"summary": "2376785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376785"
},
{
"category": "external",
"summary": "2379031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379031"
},
{
"category": "external",
"summary": "2379274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379274"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2388220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388220"
},
{
"category": "external",
"summary": "2392595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392595"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "2405827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405827"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0934.json"
}
],
"title": "Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.36.0 security update \u0026 enhancements",
"tracking": {
"current_release_date": "2026-05-27T07:48:40+00:00",
"generator": {
"date": "2026-05-27T07:48:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:0934",
"initial_release_date": "2026-01-22T04:35:39+00:00",
"revision_history": [
{
"date": "2026-01-22T04:35:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-22T04:35:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T07:48:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-Openshift-Serverless-1.36",
"product": {
"name": "8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_serverless:1.36::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Serverless"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"product": {
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"product_id": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-db-migrator-tool-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.36.0-10"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.36.0-10"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.36.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.36.0-12"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.36.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.36.0-7"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"product_id": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-db-migrator-tool-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.36.0-10"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.36.0-10"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.36.0-12"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.36.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.36.0-7"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"product": {
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"product_id": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-db-migrator-tool-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.36.0-10"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.36.0-10"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.36.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"product": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"product_id": "openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-management-console-rhel8\u0026tag=1.36.0-9"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.36.0-12"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.36.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.36.0-11"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.36.0-7"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64"
},
"product_reference": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64"
},
"product_reference": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64"
},
"product_reference": "openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64 as a component of 8Base-Openshift-Serverless-1.36",
"product_id": "8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.36"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12718",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-03T14:00:57.613538+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370013"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CPython\u0027s tarfile module. This vulnerability allows modification of file metadata, such as timestamps or permissions, outside the intended extraction directory via maliciously crafted tar archives using the filter=\"data\" or filter=\"tar\" extraction filters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Bypass extraction filter to modify file metadata outside extraction directory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability was lowered due to the fact that successful exploitation requires the attacker to convince a privileged user or process to extract a malicious tar file. Since tar file extraction typically occurs in trusted contexts or with elevated privileges, the impact is reduced by the requirement of such access.\n\nVersions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-12718"
},
{
"category": "external",
"summary": "RHBZ#2370013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-12718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12718"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/127987",
"url": "https://github.com/python/cpython/issues/127987"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:59:10.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cpython: python: Bypass extraction filter to modify file metadata outside extraction directory"
},
{
"cve": "CVE-2025-4138",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T09:03:58.434950+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract() or TarFile.extractall() with the filter= parameter set to \"data\" or \"tar\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4138"
},
{
"category": "external",
"summary": "RHBZ#2372426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4138",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4138"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:59:02.717000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "Red Hat recommends upgrading to a fixed release of Python as soon as one is available. This vulnerability can be mitigated by rejecting links inside tarfiles that use relative references to the parent directory. The upstream advisory provides this example code:\n\n\u0027\u0027\u0027\n# Avoid insecure segments in link names.\nfor member in tar.getmembers():\n if not member.islnk():\n continue\n if os.pardir in os.path.split(member.linkname):\n raise OSError(\"Tarfile with insecure segment (\u0027..\u0027) in linkname\")\n\n# Now safe to extract members with the data filter.\ntar.extractall(filter=\"data\")\n\u0027\u0027\u0027",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory"
},
{
"cve": "CVE-2025-4517",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-03T14:01:12.271192+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to \"data\" or \"tar\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: cpython: Arbitrary writes via tarfile realpath overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability was lowered due to the fact that successful exploitation requires the attacker to convince a privileged user or process to extract a malicious tar file. Since tar file extraction typically occurs in trusted contexts or with elevated privileges, the impact is reduced by the requirement of such access.\n\nVersions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4517"
},
{
"category": "external",
"summary": "RHBZ#2370016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4517"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:58:50.352000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python: cpython: Arbitrary writes via tarfile realpath overflow"
},
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
},
{
"category": "external",
"summary": "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx",
"url": "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Sergei Glazunov"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-10T09:37:28.172000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This heap-use-after-free vulnerability in libxslt is rated Important because it can lead to memory corruption and application crashes. The flaw arises when internal attribute metadata (atype) is modified by libxslt\u0027s xsltSetSourceNodeFlags() function during processing of result tree fragments. If the flag corruption prevents proper removal of ID references, later memory cleanup routines may operate on already-freed memory. Since libxslt is commonly used in server-side XML processing, this could result in denial-of-service or potentially facilitate code execution under certain memory reuse conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-7425"
},
{
"category": "external",
"summary": "RHBZ#2379274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7425"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140"
}
],
"release_date": "2025-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr"
},
{
"cve": "CVE-2025-8941",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-08-13T12:11:55.270000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388220"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a \"complete\" fix for CVE-2025-6020.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Incomplete fix for CVE-2025-6020",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace is rated Important because it allows a local, unprivileged user to escalate privileges to root by exploiting symlink attacks or race conditions in polyinstantiated directories under their control. Successful exploitation requires only the ability to create and manipulate filesystem paths in such directories, without the need for special capabilities or kernel-level vulnerabilities. In multi-user environments\u2014such as shared systems, terminal servers, or certain container deployments, an unprotected or misconfigured pam_namespace configuration can serve as a single point of compromise. Privilege escalation flaws of this nature may also be chained with other vulnerabilities to maintain persistence or evade detection, further increasing the overall impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8941"
},
{
"category": "external",
"summary": "RHBZ#2388220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8941",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8941"
}
],
"release_date": "2025-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Incomplete fix for CVE-2025-6020"
},
{
"cve": "CVE-2025-30749",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-07T10:35:26.542000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376783"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openjdk: Better Glyph drawing (Oracle CPU 2025-07)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-30749"
},
{
"category": "external",
"summary": "RHBZ#2376783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30749"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA"
}
],
"release_date": "2025-07-15T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openjdk: Better Glyph drawing (Oracle CPU 2025-07)"
},
{
"cve": "CVE-2025-40778",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-10-22T15:07:23.729000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405827"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability exists in BIND\u2019s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bind: Cache poisoning attacks with unsolicited RRs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It is classified as Important rather than Critical because its impact is limited to cache poisoning within recursive resolvers and does not allow direct code execution, privilege escalation, or service disruption. The vulnerability affects the accuracy of DNS responses, but not the availability or confidentiality of systems. Additionally, DNSSEC-enabled deployments and restricted recursive access can significantly mitigate exploitation risks. Therefore, while the flaw can misdirect network traffic and compromise trust in name resolution, it does not directly compromise the underlying server or client systems, justifying an Important \u2014 but not Critical \u2014 severity rating.\n\nTechnical Analysis:\nThe issue arises because BIND fails to strictly validate unsolicited resource records accompanying legitimate DNS responses. This gap allows forged recursive resolvers to be cached as valid entries. Since the attack is remote, requires no authentication, and exploits a low-complexity vector, it is highly impactful in recursive resolver environments\u2014especially those exposed to untrusted clients or open resolvers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40778"
},
{
"category": "external",
"summary": "RHBZ#2405827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405827"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40778"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "While it is not possible to eliminate risk from this vulnerability, there are several options for reducing the risk. These include restricting recursive queries to trusted or internal networks only, and apply rate limiting or firewall rules to prevent excessive or repetitive requests. Enabling DNSSEC validation helps reject forged records, while isolating recursive resolvers from authoritative servers limits the impact of potential cache poisoning. Active monitoring of CPU usage, query volume, and cache anomalies can provide early warning of abuse or attacks.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bind: Cache poisoning attacks with unsolicited RRs"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-50059",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2025-07-07T10:48:25.047000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376785"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-50059"
},
{
"category": "external",
"summary": "RHBZ#2376785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-50059",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50059"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA"
}
],
"release_date": "2025-07-15T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)"
},
{
"cve": "CVE-2025-50106",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-09T15:41:11.313000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379031"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-50106"
},
{
"category": "external",
"summary": "RHBZ#2379031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379031"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-50106",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50106"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA"
}
],
"release_date": "2025-07-15T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)"
},
{
"acknowledgments": [
{
"names": [
"Hristo Venev"
]
}
],
"cve": "CVE-2025-58060",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2025-09-02T12:06:54.304000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize() function, the password is not checked. This vulnerability allows attackers to bypass authentication entirely, resulting in unauthorized access to administrative functions and system configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cups: Authentication Bypass in CUPS Authorization Handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Important, given that it enables complete authentication bypass. Exploitation requires no valid credentials and can be performed remotely in some configurations. Attackers could gain administrative privileges in CUPS, modify critical configuration files, or potentially escalate their access further depending on the system environment. The root cause is a missing authentication check when the AuthType is set to values other than Basic but a Basic authorization header is supplied.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58060"
},
{
"category": "external",
"summary": "RHBZ#2392595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58060"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58060",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58060"
},
{
"category": "external",
"summary": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq",
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq"
}
],
"release_date": "2025-09-11T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability. It is strongly advised to apply vendor-supplied patches as soon as they are released to address this authentication bypass vulnerability.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cups: Authentication Bypass in CUPS Authorization Handling"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"known_not_affected": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T04:35:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:215d1630f58ae5bfb0e1d37f39af05af76cbd76b944719cd19586836d133d744_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:5c56a7766667f767be1caf592bbffac12ec7faf11604ff8c07f74b737299396c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:a7bc7836315c4cd780bd7ffb107c4766002338064688ab32d867e31f71555ec0_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:325ba169cd6a0997ecef78c9bbca638c16f014f6543b1a2e82b61f59fba9e96b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:47e272e4d713c566ef0bd8007bd78b6d28825607ec5b50b75ffe1c2b31b50711_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:5471e98d5131187f6610009cb438df50fe4fed9ab579ec83ab77da7c3bc6bb5b_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:3f43a82674556552e2810f752d02ac57dcc49b18aa8069b71d24509767468874_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:42d92634b80d989a8fa7c643208808e7086a51250fbc97db70b85df0e060720b_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-db-migrator-tool-rhel8@sha256:a686bf1195c72e3f9098da8b1ae07d41a955f02060b00f1a7df61c7e6c6cb05a_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:123a0cc1671c538b32253df3ffe87b34e76d57ce591cef090ab622a259c82999_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:83f82a69d50613cb57e29c6ed91517a2bd3727229606746984c2d198151bfc51_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:fa7aa68cbc334378d04020e573d1519fad14883a79dad86bcb229bd2ff5ed210_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:a561456600b960f618b60378d4d550c05ff7e48c05905725ec0dbdc9078ce557_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:d2040b3ca4cbbacf14a0c8140479c0539810aa62c3cce0a0cf3dcf9aad99333c_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:dc2d68799c2ab0324aab78d9b4317c9e3ffccbd459af2df099b8914bcc5431fa_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:0c1d73a9cdd16a603dec682dee19b1755590674f28c45d1393da227ceb528714_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:2b0b736c3f003557cc13e07c62153dcf693c6f023369dbe574f29167d7457993_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-management-console-rhel8@sha256:5da036d39d3bcd61641926d480ddefb02ef3f84630b7f9975a0ba0c757c5561c_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:1952b244eefe4a9befb32feb68517ba3cb33dabda85193304f8cf1865a983e12_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:3a7ac84bbdb706e4bbce0fed2e3c6b8c4cd14d12deee77470ac623198f0fe2f4_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-operator-bundle@sha256:82cab0630e0615a70f4a48aceca9ead900324a48b4d5e992f5f5d7b5f4186add_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:11ceb16782fc88337bdf1e25dea2450ef0a18f5e626ff66805f8139b87f1af0a_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:14121fa98dfdd1fe005140c16fc1d8c4534bfdadc200c361b96fff26864d5537_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-rhel8-operator@sha256:810ebae2db120891302d6d2c1a6878dd4f4f3c483c3842063ed3748df8a56e1e_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:888a3e0e145bbba887a28affa275a5b70d6d492cf2510e232db3b76d3cf45409_amd64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:8fdbbf0b40b85381aa8c5ec6f799f5856ca7a2fdf63230cadbd3a5d26ed471e3_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-builder-rhel8@sha256:b7a73d5750b374412a1d80318671f2f64f64fa4145b69cae4f8ae71b54519559_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:2cd2cd2e6975fdf774ea27bfb57c7c918b1177d1b5247d91052723bf6a44dd57_ppc64le",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:3f8da099dd2d7b4d0a3d5cd7016b551fdfd7d3d32ed74757db297470a04ee9e6_arm64",
"8Base-RHOSS-1.36:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c43f449ced50cfc662e9cf17dfa9af697d7fb6c816cc7849a68a0f5b5298d14c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2026:1541
Vulnerability from csaf_redhat - Published: 2026-02-05 16:26 - Updated: 2026-05-27 07:48Summary
Red Hat Security Advisory: OpenShift Container Platform 4.15.61 bug fix and security update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.15.61 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container
Platform 4.15.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.15.61. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2026:1540
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/
Security Fix(es):
* libarchive: Double free at archive_read_format_rar_seek_data() in
archive_read_support_format_rar.c (CVE-2025-5914)
* bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)
* bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)
* bind: Cache poisoning due to weak PRNG (CVE-2025-40780)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory
allocations via a small document that is submitted for parsing
(CVE-2025-59375)
* libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318)
* libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend
(CVE-2025-5987)
* libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in
libexslt/dynamic.c (CVE-2025-9714)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.15 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
7.8 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in BIND 9 resolvers, where processing malformed DNSKEY records from a specially crafted zone can lead to resource exhaustion, primarily causing excessive CPU utilization. This issue enables a remote, unauthenticated attacker to degrade resolver performance and potentially cause a denial of service (DoS) for legitimate DNS clients.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
6.2 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers.
8.6 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator (PRNG). This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS responses into the resolver’s cache, causing clients to receive spoofed DNS data. Authoritative servers are generally unaffected, but recursive resolvers are exposed to this risk. Exploitation is remote and does not require user interaction.
8.6 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
51 references
Acknowledgments
Ronald Crane
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.15.61 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\n This release includes a security update for Red Hat OpenShift Container\nPlatform 4.15.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.15.61. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2026:1540\n\nSpace precludes documenting all of the container images in this advisory.\nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nSecurity Fix(es):\n\n* libarchive: Double free at archive_read_format_rar_seek_data() in\narchive_read_support_format_rar.c (CVE-2025-5914)\n* bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)\n* bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)\n* bind: Cache poisoning due to weak PRNG (CVE-2025-40780)\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory\nallocations via a small document that is submitted for parsing\n(CVE-2025-59375)\n* libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318)\n* libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend\n(CVE-2025-5987)\n* libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in\nlibexslt/dynamic.c (CVE-2025-9714)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1541",
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "2376219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376219"
},
{
"category": "external",
"summary": "2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "2405827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405827"
},
{
"category": "external",
"summary": "2405829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405829"
},
{
"category": "external",
"summary": "2405830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405830"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1541.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.15.61 bug fix and security update",
"tracking": {
"current_release_date": "2026-05-27T07:48:46+00:00",
"generator": {
"date": "2026-05-27T07:48:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:1541",
"initial_release_date": "2026-02-05T16:26:06+00:00",
"revision_history": [
{
"date": "2026-02-05T16:26:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-05T16:26:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T07:48:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.15",
"product": {
"name": "Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.15::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-aarch64-415.92.202601271320-0",
"product": {
"name": "rhcos-aarch64-415.92.202601271320-0",
"product_id": "rhcos-aarch64-415.92.202601271320-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202601271320?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-ppc64le-415.92.202601271320-0",
"product": {
"name": "rhcos-ppc64le-415.92.202601271320-0",
"product_id": "rhcos-ppc64le-415.92.202601271320-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202601271320?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-s390x-415.92.202601271320-0",
"product": {
"name": "rhcos-s390x-415.92.202601271320-0",
"product_id": "rhcos-s390x-415.92.202601271320-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202601271320?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos-x86_64-415.92.202601271320-0",
"product": {
"name": "rhcos-x86_64-415.92.202601271320-0",
"product_id": "rhcos-x86_64-415.92.202601271320-0",
"product_identification_helper": {
"purl": "pkg:generic/redhat/rhcos@415.92.202601271320?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-aarch64-415.92.202601271320-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0"
},
"product_reference": "rhcos-aarch64-415.92.202601271320-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-ppc64le-415.92.202601271320-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0"
},
"product_reference": "rhcos-ppc64le-415.92.202601271320-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-s390x-415.92.202601271320-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0"
},
"product_reference": "rhcos-s390x-415.92.202601271320-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos-x86_64-415.92.202601271320-0 as a component of Red Hat OpenShift Container Platform 4.15",
"product_id": "9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
},
"product_reference": "rhcos-x86_64-415.92.202601271320-0",
"relates_to_product_reference": "9Base-RHOSE-4.15"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T16:26:06+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d517885ee59d46c2aca8be69fdcf916f78a510ae76a5a9f7875c1c5ab3cfc3c1\n\n (For s390x architecture)\n The image digest is sha256:3a4a7c87e8ca5f4e3803f8f203599b25055276a532df8e0b66ec4ec2ebc51f4c\n\n (For ppc64le architecture)\n The image digest is sha256:f34818181660a9f58a59e06dbe58f24de82dcbb688e5f940a41e62e08f1edf94\n\n (For aarch64 architecture)\n The image digest is sha256:24eeb2ea15ac709ed08df9b6f1a5d1ac334c4f7335c0ae5249e17298ab297517\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-5914",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-06-06T17:58:25.491000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370861"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important because it allows a local attacker with limited privileges to trigger a double-free in libarchive\u0027s RAR parser by providing a specially crafted RAR archive. Successful exploitation could result in code execution or application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "RHBZ#2370861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5914"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/pull/2598",
"url": "https://github.com/libarchive/libarchive/pull/2598"
},
{
"category": "external",
"summary": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0",
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
}
],
"release_date": "2025-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T16:26:06+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d517885ee59d46c2aca8be69fdcf916f78a510ae76a5a9f7875c1c5ab3cfc3c1\n\n (For s390x architecture)\n The image digest is sha256:3a4a7c87e8ca5f4e3803f8f203599b25055276a532df8e0b66ec4ec2ebc51f4c\n\n (For ppc64le architecture)\n The image digest is sha256:f34818181660a9f58a59e06dbe58f24de82dcbb688e5f940a41e62e08f1edf94\n\n (For aarch64 architecture)\n The image digest is sha256:24eeb2ea15ac709ed08df9b6f1a5d1ac334c4f7335c0ae5249e17298ab297517\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c"
},
{
"cve": "CVE-2025-5987",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-07-03T21:55:26.394000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376219"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security Team has rated this vulnerability as having a Moderate security impact. This is due to the high complexity in exploiting this flaw. For a successful attack to take place an attacker needs to manage to exhaust the heap space to for the OpenSSL library to return the error code which wrongly match the SSH_OK return code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5987"
},
{
"category": "external",
"summary": "RHBZ#2376219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5987",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5987"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5987.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5987.txt"
}
],
"release_date": "2025-04-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T16:26:06+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d517885ee59d46c2aca8be69fdcf916f78a510ae76a5a9f7875c1c5ab3cfc3c1\n\n (For s390x architecture)\n The image digest is sha256:3a4a7c87e8ca5f4e3803f8f203599b25055276a532df8e0b66ec4ec2ebc51f4c\n\n (For ppc64le architecture)\n The image digest is sha256:f34818181660a9f58a59e06dbe58f24de82dcbb688e5f940a41e62e08f1edf94\n\n (For aarch64 architecture)\n The image digest is sha256:24eeb2ea15ac709ed08df9b6f1a5d1ac334c4f7335c0ae5249e17298ab297517\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend"
},
{
"cve": "CVE-2025-8677",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405830"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in BIND 9 resolvers, where processing malformed DNSKEY records from a specially crafted zone can lead to resource exhaustion, primarily causing excessive CPU utilization. This issue enables a remote, unauthenticated attacker to degrade resolver performance and potentially cause a denial of service (DoS) for legitimate DNS clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bind: Resource exhaustion via malformed DNSKEY handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important because it allows a remote, unauthenticated attacker to cause significant CPU exhaustion on vulnerable BIND resolvers by serving zones containing malformed DNSKEY records. The flaw triggers excessive computational effort during DNSKEY validation, leading to degraded performance and potential denial of service for legitimate clients. However, the issue affects availability only\u2014it does not enable code execution, data exposure, or privilege escalation\u2014so it is not classified as critical. Furthermore, authoritative servers are not impacted, limiting the scope of exposure to recursive resolvers. While the attack is easy to launch and can disrupt DNS operations, its effect ceases once the malicious traffic stops, making prompt patching and recursive access control effective mitigations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8677"
},
{
"category": "external",
"summary": "RHBZ#2405830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405830"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8677"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T16:26:06+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d517885ee59d46c2aca8be69fdcf916f78a510ae76a5a9f7875c1c5ab3cfc3c1\n\n (For s390x architecture)\n The image digest is sha256:3a4a7c87e8ca5f4e3803f8f203599b25055276a532df8e0b66ec4ec2ebc51f4c\n\n (For ppc64le architecture)\n The image digest is sha256:f34818181660a9f58a59e06dbe58f24de82dcbb688e5f940a41e62e08f1edf94\n\n (For aarch64 architecture)\n The image digest is sha256:24eeb2ea15ac709ed08df9b6f1a5d1ac334c4f7335c0ae5249e17298ab297517\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nTo reduce risk, restrict recursive queries to trusted or internal networks only, and apply rate limiting or firewall rules to prevent excessive or repetitive requests. Enabling DNSSEC validation helps reject forged records, while isolating recursive resolvers from authoritative servers limits the impact of potential cache poisoning. Active monitoring of CPU usage, query volume, and cache anomalies can provide early warning of abuse or attacks.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bind: Resource exhaustion via malformed DNSKEY handling"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T16:26:06+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d517885ee59d46c2aca8be69fdcf916f78a510ae76a5a9f7875c1c5ab3cfc3c1\n\n (For s390x architecture)\n The image digest is sha256:3a4a7c87e8ca5f4e3803f8f203599b25055276a532df8e0b66ec4ec2ebc51f4c\n\n (For ppc64le architecture)\n The image digest is sha256:f34818181660a9f58a59e06dbe58f24de82dcbb688e5f940a41e62e08f1edf94\n\n (For aarch64 architecture)\n The image digest is sha256:24eeb2ea15ac709ed08df9b6f1a5d1ac334c4f7335c0ae5249e17298ab297517\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"cve": "CVE-2025-40778",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-10-22T15:07:23.729000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405827"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability exists in BIND\u2019s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bind: Cache poisoning attacks with unsolicited RRs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It is classified as Important rather than Critical because its impact is limited to cache poisoning within recursive resolvers and does not allow direct code execution, privilege escalation, or service disruption. The vulnerability affects the accuracy of DNS responses, but not the availability or confidentiality of systems. Additionally, DNSSEC-enabled deployments and restricted recursive access can significantly mitigate exploitation risks. Therefore, while the flaw can misdirect network traffic and compromise trust in name resolution, it does not directly compromise the underlying server or client systems, justifying an Important \u2014 but not Critical \u2014 severity rating.\n\nTechnical Analysis:\nThe issue arises because BIND fails to strictly validate unsolicited resource records accompanying legitimate DNS responses. This gap allows forged recursive resolvers to be cached as valid entries. Since the attack is remote, requires no authentication, and exploits a low-complexity vector, it is highly impactful in recursive resolver environments\u2014especially those exposed to untrusted clients or open resolvers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40778"
},
{
"category": "external",
"summary": "RHBZ#2405827",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405827"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40778"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T16:26:06+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d517885ee59d46c2aca8be69fdcf916f78a510ae76a5a9f7875c1c5ab3cfc3c1\n\n (For s390x architecture)\n The image digest is sha256:3a4a7c87e8ca5f4e3803f8f203599b25055276a532df8e0b66ec4ec2ebc51f4c\n\n (For ppc64le architecture)\n The image digest is sha256:f34818181660a9f58a59e06dbe58f24de82dcbb688e5f940a41e62e08f1edf94\n\n (For aarch64 architecture)\n The image digest is sha256:24eeb2ea15ac709ed08df9b6f1a5d1ac334c4f7335c0ae5249e17298ab297517\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
},
{
"category": "workaround",
"details": "While it is not possible to eliminate risk from this vulnerability, there are several options for reducing the risk. These include restricting recursive queries to trusted or internal networks only, and apply rate limiting or firewall rules to prevent excessive or repetitive requests. Enabling DNSSEC validation helps reject forged records, while isolating recursive resolvers from authoritative servers limits the impact of potential cache poisoning. Active monitoring of CPU usage, query volume, and cache anomalies can provide early warning of abuse or attacks.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bind: Cache poisoning attacks with unsolicited RRs"
},
{
"cve": "CVE-2025-40780",
"cwe": {
"id": "CWE-338",
"name": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
},
"discovery_date": "2025-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405829"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator (PRNG). This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS responses into the resolver\u2019s cache, causing clients to receive spoofed DNS data. Authoritative servers are generally unaffected, but recursive resolvers are exposed to this risk. Exploitation is remote and does not require user interaction.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bind: Cache poisoning due to weak PRNG",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in BIND 9 resolvers caused by a weakness in the Pseudo Random Number Generator (PRNG) used to select the UDP source port and DNS query (transaction) ID. Exploitation requires an attacker to correctly predict both values and race the legitimate authoritative response with a spoofed packet to perform cache poisoning. While the PRNG weakness reduces entropy and makes prediction feasible under certain conditions, this still requires precise timing, on-path or spoofing capabilities, and targeting of recursive resolvers.\n\nThe impact is limited to resolver cache integrity; it does not allow remote code execution, privilege escalation, or direct compromise of the BIND server itself. Authoritative servers are not affected. Additionally, operational mitigations such as DNSSEC validation, access control restricting recursion, and network-level packet filtering reduce real-world exploitability. No active exploits have been observed in the wild.\n\nBecause exploitation is non-trivial, requires network-level spoofing and precise timing, and only affects cache integrity without server compromise, the vulnerability is considered Important rather than Critical.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40780"
},
{
"category": "external",
"summary": "RHBZ#2405829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40780",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40780"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T16:26:06+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d517885ee59d46c2aca8be69fdcf916f78a510ae76a5a9f7875c1c5ab3cfc3c1\n\n (For s390x architecture)\n The image digest is sha256:3a4a7c87e8ca5f4e3803f8f203599b25055276a532df8e0b66ec4ec2ebc51f4c\n\n (For ppc64le architecture)\n The image digest is sha256:f34818181660a9f58a59e06dbe58f24de82dcbb688e5f940a41e62e08f1edf94\n\n (For aarch64 architecture)\n The image digest is sha256:24eeb2ea15ac709ed08df9b6f1a5d1ac334c4f7335c0ae5249e17298ab297517\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nTo reduce risk, restrict recursive queries to trusted or internal networks only, and apply rate limiting or firewall rules to prevent excessive or repetitive requests. Enabling DNSSEC validation helps reject forged records, while isolating recursive resolvers from authoritative servers limits the impact of potential cache poisoning. Active monitoring of CPU usage, query volume, and cache anomalies can provide early warning of abuse or attacks.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bind: Cache poisoning due to weak PRNG"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T16:26:06+00:00",
"details": "For OpenShift Container Platform 4.15 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/release_notes/\n\nYou may download the oc tool and use it to inspect release image metadata\nfor x86_64, s390x, ppc64le, and aarch64 architectures. The image digests\nmay be found at\nhttps://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\nThe sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:d517885ee59d46c2aca8be69fdcf916f78a510ae76a5a9f7875c1c5ab3cfc3c1\n\n (For s390x architecture)\n The image digest is sha256:3a4a7c87e8ca5f4e3803f8f203599b25055276a532df8e0b66ec4ec2ebc51f4c\n\n (For ppc64le architecture)\n The image digest is sha256:f34818181660a9f58a59e06dbe58f24de82dcbb688e5f940a41e62e08f1edf94\n\n (For aarch64 architecture)\n The image digest is sha256:24eeb2ea15ac709ed08df9b6f1a5d1ac334c4f7335c0ae5249e17298ab297517\n\nAll OpenShift Container Platform 4.15 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1541"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-4.15:rhcos-aarch64-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-ppc64le-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-s390x-415.92.202601271320-0",
"9Base-RHOSE-4.15:rhcos-x86_64-415.92.202601271320-0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
SUSE-SU-2025:02522-1
Vulnerability from csaf_suse - Published: 2025-07-25 09:04 - Updated: 2025-07-25 09:04Summary
Security update for libarchive
Severity
Moderate
Notes
Title of the patch: Security update for libarchive
Description of the patch: This update for libarchive fixes the following issues:
- CVE-2025-5916, Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)
Patchnames: SUSE-2025-2522,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2522
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libarchive",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libarchive fixes the following issues:\n\n- CVE-2025-5916, Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)\n- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2522,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2522",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02522-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02522-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502522-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02522-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040912.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244270",
"url": "https://bugzilla.suse.com/1244270"
},
{
"category": "self",
"summary": "SUSE Bug 1244272",
"url": "https://bugzilla.suse.com/1244272"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5916/"
}
],
"title": "Security update for libarchive",
"tracking": {
"current_release_date": "2025-07-25T09:04:20Z",
"generator": {
"date": "2025-07-25T09:04:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02522-1",
"initial_release_date": "2025-07-25T09:04:20Z",
"revision_history": [
{
"date": "2025-07-25T09:04:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.aarch64",
"product": {
"name": "bsdtar-3.3.3-32.14.1.aarch64",
"product_id": "bsdtar-3.3.3-32.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.aarch64",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.aarch64",
"product_id": "libarchive-devel-3.3.3-32.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.aarch64",
"product": {
"name": "libarchive13-3.3.3-32.14.1.aarch64",
"product_id": "libarchive13-3.3.3-32.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-64bit-3.3.3-32.14.1.aarch64_ilp32",
"product": {
"name": "libarchive13-64bit-3.3.3-32.14.1.aarch64_ilp32",
"product_id": "libarchive13-64bit-3.3.3-32.14.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.i586",
"product": {
"name": "bsdtar-3.3.3-32.14.1.i586",
"product_id": "bsdtar-3.3.3-32.14.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.i586",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.i586",
"product_id": "libarchive-devel-3.3.3-32.14.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.i586",
"product": {
"name": "libarchive13-3.3.3-32.14.1.i586",
"product_id": "libarchive13-3.3.3-32.14.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.ppc64le",
"product": {
"name": "bsdtar-3.3.3-32.14.1.ppc64le",
"product_id": "bsdtar-3.3.3-32.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.ppc64le",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.ppc64le",
"product_id": "libarchive-devel-3.3.3-32.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.ppc64le",
"product": {
"name": "libarchive13-3.3.3-32.14.1.ppc64le",
"product_id": "libarchive13-3.3.3-32.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.s390",
"product": {
"name": "bsdtar-3.3.3-32.14.1.s390",
"product_id": "bsdtar-3.3.3-32.14.1.s390"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.s390",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.s390",
"product_id": "libarchive-devel-3.3.3-32.14.1.s390"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.s390",
"product": {
"name": "libarchive13-3.3.3-32.14.1.s390",
"product_id": "libarchive13-3.3.3-32.14.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.s390x",
"product": {
"name": "bsdtar-3.3.3-32.14.1.s390x",
"product_id": "bsdtar-3.3.3-32.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.s390x",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.s390x",
"product_id": "libarchive-devel-3.3.3-32.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.s390x",
"product": {
"name": "libarchive13-3.3.3-32.14.1.s390x",
"product_id": "libarchive13-3.3.3-32.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive13-32bit-3.3.3-32.14.1.s390x",
"product": {
"name": "libarchive13-32bit-3.3.3-32.14.1.s390x",
"product_id": "libarchive13-32bit-3.3.3-32.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.x86_64",
"product": {
"name": "bsdtar-3.3.3-32.14.1.x86_64",
"product_id": "bsdtar-3.3.3-32.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.x86_64",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.x86_64",
"product_id": "libarchive-devel-3.3.3-32.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.x86_64",
"product": {
"name": "libarchive13-3.3.3-32.14.1.x86_64",
"product_id": "libarchive13-3.3.3-32.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-32bit-3.3.3-32.14.1.x86_64",
"product": {
"name": "libarchive13-32bit-3.3.3-32.14.1.x86_64",
"product_id": "libarchive13-32bit-3.3.3-32.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.3.3-32.14.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64"
},
"product_reference": "libarchive-devel-3.3.3-32.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.3.3-32.14.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64"
},
"product_reference": "libarchive13-3.3.3-32.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5914"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5914",
"url": "https://www.suse.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "SUSE Bug 1244272 for CVE-2025-5914",
"url": "https://bugzilla.suse.com/1244272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-25T09:04:20Z",
"details": "important"
}
],
"title": "CVE-2025-5914"
},
{
"cve": "CVE-2025-5916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5916"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5916",
"url": "https://www.suse.com/security/cve/CVE-2025-5916"
},
{
"category": "external",
"summary": "SUSE Bug 1244270 for CVE-2025-5916",
"url": "https://bugzilla.suse.com/1244270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libarchive13-3.3.3-32.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-25T09:04:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-5916"
}
]
}
SUSE-SU-2025:02522-2
Vulnerability from csaf_suse - Published: 2025-09-01 07:03 - Updated: 2025-09-01 07:03Summary
Security update for libarchive
Severity
Moderate
Notes
Title of the patch: Security update for libarchive
Description of the patch: This update for libarchive fixes the following issues:
- CVE-2025-5916, Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)
Patchnames: SUSE-2025-2522,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2522
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libarchive",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libarchive fixes the following issues:\n\n- CVE-2025-5916, Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)\n- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2522,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2522",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02522-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02522-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502522-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02522-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041475.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244270",
"url": "https://bugzilla.suse.com/1244270"
},
{
"category": "self",
"summary": "SUSE Bug 1244272",
"url": "https://bugzilla.suse.com/1244272"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5916/"
}
],
"title": "Security update for libarchive",
"tracking": {
"current_release_date": "2025-09-01T07:03:57Z",
"generator": {
"date": "2025-09-01T07:03:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02522-2",
"initial_release_date": "2025-09-01T07:03:57Z",
"revision_history": [
{
"date": "2025-09-01T07:03:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.aarch64",
"product": {
"name": "bsdtar-3.3.3-32.14.1.aarch64",
"product_id": "bsdtar-3.3.3-32.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.aarch64",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.aarch64",
"product_id": "libarchive-devel-3.3.3-32.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.aarch64",
"product": {
"name": "libarchive13-3.3.3-32.14.1.aarch64",
"product_id": "libarchive13-3.3.3-32.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-64bit-3.3.3-32.14.1.aarch64_ilp32",
"product": {
"name": "libarchive13-64bit-3.3.3-32.14.1.aarch64_ilp32",
"product_id": "libarchive13-64bit-3.3.3-32.14.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.i586",
"product": {
"name": "bsdtar-3.3.3-32.14.1.i586",
"product_id": "bsdtar-3.3.3-32.14.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.i586",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.i586",
"product_id": "libarchive-devel-3.3.3-32.14.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.i586",
"product": {
"name": "libarchive13-3.3.3-32.14.1.i586",
"product_id": "libarchive13-3.3.3-32.14.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.ppc64le",
"product": {
"name": "bsdtar-3.3.3-32.14.1.ppc64le",
"product_id": "bsdtar-3.3.3-32.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.ppc64le",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.ppc64le",
"product_id": "libarchive-devel-3.3.3-32.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.ppc64le",
"product": {
"name": "libarchive13-3.3.3-32.14.1.ppc64le",
"product_id": "libarchive13-3.3.3-32.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.s390",
"product": {
"name": "bsdtar-3.3.3-32.14.1.s390",
"product_id": "bsdtar-3.3.3-32.14.1.s390"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.s390",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.s390",
"product_id": "libarchive-devel-3.3.3-32.14.1.s390"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.s390",
"product": {
"name": "libarchive13-3.3.3-32.14.1.s390",
"product_id": "libarchive13-3.3.3-32.14.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.s390x",
"product": {
"name": "bsdtar-3.3.3-32.14.1.s390x",
"product_id": "bsdtar-3.3.3-32.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.s390x",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.s390x",
"product_id": "libarchive-devel-3.3.3-32.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.s390x",
"product": {
"name": "libarchive13-3.3.3-32.14.1.s390x",
"product_id": "libarchive13-3.3.3-32.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive13-32bit-3.3.3-32.14.1.s390x",
"product": {
"name": "libarchive13-32bit-3.3.3-32.14.1.s390x",
"product_id": "libarchive13-32bit-3.3.3-32.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.3.3-32.14.1.x86_64",
"product": {
"name": "bsdtar-3.3.3-32.14.1.x86_64",
"product_id": "bsdtar-3.3.3-32.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.3.3-32.14.1.x86_64",
"product": {
"name": "libarchive-devel-3.3.3-32.14.1.x86_64",
"product_id": "libarchive-devel-3.3.3-32.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.3.3-32.14.1.x86_64",
"product": {
"name": "libarchive13-3.3.3-32.14.1.x86_64",
"product_id": "libarchive13-3.3.3-32.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-32bit-3.3.3-32.14.1.x86_64",
"product": {
"name": "libarchive13-32bit-3.3.3-32.14.1.x86_64",
"product_id": "libarchive13-32bit-3.3.3-32.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.3.3-32.14.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64"
},
"product_reference": "libarchive-devel-3.3.3-32.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.3.3-32.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le"
},
"product_reference": "libarchive-devel-3.3.3-32.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.3.3-32.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x"
},
"product_reference": "libarchive-devel-3.3.3-32.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.3.3-32.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64"
},
"product_reference": "libarchive-devel-3.3.3-32.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.3.3-32.14.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64"
},
"product_reference": "libarchive13-3.3.3-32.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.3.3-32.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le"
},
"product_reference": "libarchive13-3.3.3-32.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.3.3-32.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x"
},
"product_reference": "libarchive13-3.3.3-32.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.3.3-32.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64"
},
"product_reference": "libarchive13-3.3.3-32.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5914"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5914",
"url": "https://www.suse.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "SUSE Bug 1244272 for CVE-2025-5914",
"url": "https://bugzilla.suse.com/1244272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-01T07:03:57Z",
"details": "important"
}
],
"title": "CVE-2025-5914"
},
{
"cve": "CVE-2025-5916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5916"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5916",
"url": "https://www.suse.com/security/cve/CVE-2025-5916"
},
{
"category": "external",
"summary": "SUSE Bug 1244270 for CVE-2025-5916",
"url": "https://bugzilla.suse.com/1244270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive-devel-3.3.3-32.14.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libarchive13-3.3.3-32.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-01T07:03:57Z",
"details": "moderate"
}
],
"title": "CVE-2025-5916"
}
]
}
SUSE-SU-2025:02566-1
Vulnerability from csaf_suse - Published: 2025-07-31 07:18 - Updated: 2025-07-31 07:18Summary
Security update for libarchive
Severity
Moderate
Notes
Title of the patch: Security update for libarchive
Description of the patch: This update for libarchive fixes the following issues:
- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)
- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273)
- CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336)
- CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279)
Patchnames: SUSE-2025-2566,SUSE-SLE-Module-Basesystem-15-SP6-2025-2566,SUSE-SLE-Module-Basesystem-15-SP7-2025-2566,SUSE-SLE-Module-Development-Tools-15-SP6-2025-2566,SUSE-SLE-Module-Development-Tools-15-SP7-2025-2566,openSUSE-SLE-15.6-2025-2566
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libarchive",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libarchive fixes the following issues:\n\n- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)\n- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273)\n- CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)\n- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336)\n- CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2566,SUSE-SLE-Module-Basesystem-15-SP6-2025-2566,SUSE-SLE-Module-Basesystem-15-SP7-2025-2566,SUSE-SLE-Module-Development-Tools-15-SP6-2025-2566,SUSE-SLE-Module-Development-Tools-15-SP7-2025-2566,openSUSE-SLE-15.6-2025-2566",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02566-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02566-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502566-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02566-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040969.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244270",
"url": "https://bugzilla.suse.com/1244270"
},
{
"category": "self",
"summary": "SUSE Bug 1244272",
"url": "https://bugzilla.suse.com/1244272"
},
{
"category": "self",
"summary": "SUSE Bug 1244273",
"url": "https://bugzilla.suse.com/1244273"
},
{
"category": "self",
"summary": "SUSE Bug 1244279",
"url": "https://bugzilla.suse.com/1244279"
},
{
"category": "self",
"summary": "SUSE Bug 1244336",
"url": "https://bugzilla.suse.com/1244336"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5918/"
}
],
"title": "Security update for libarchive",
"tracking": {
"current_release_date": "2025-07-31T07:18:45Z",
"generator": {
"date": "2025-07-31T07:18:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02566-1",
"initial_release_date": "2025-07-31T07:18:45Z",
"revision_history": [
{
"date": "2025-07-31T07:18:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.7.2-150600.3.17.1.aarch64",
"product": {
"name": "bsdtar-3.7.2-150600.3.17.1.aarch64",
"product_id": "bsdtar-3.7.2-150600.3.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"product": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"product_id": "libarchive-devel-3.7.2-150600.3.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.7.2-150600.3.17.1.aarch64",
"product": {
"name": "libarchive13-3.7.2-150600.3.17.1.aarch64",
"product_id": "libarchive13-3.7.2-150600.3.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-64bit-3.7.2-150600.3.17.1.aarch64_ilp32",
"product": {
"name": "libarchive13-64bit-3.7.2-150600.3.17.1.aarch64_ilp32",
"product_id": "libarchive13-64bit-3.7.2-150600.3.17.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.7.2-150600.3.17.1.i586",
"product": {
"name": "bsdtar-3.7.2-150600.3.17.1.i586",
"product_id": "bsdtar-3.7.2-150600.3.17.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.7.2-150600.3.17.1.i586",
"product": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.i586",
"product_id": "libarchive-devel-3.7.2-150600.3.17.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive13-3.7.2-150600.3.17.1.i586",
"product": {
"name": "libarchive13-3.7.2-150600.3.17.1.i586",
"product_id": "libarchive13-3.7.2-150600.3.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.7.2-150600.3.17.1.ppc64le",
"product": {
"name": "bsdtar-3.7.2-150600.3.17.1.ppc64le",
"product_id": "bsdtar-3.7.2-150600.3.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"product": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"product_id": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive13-3.7.2-150600.3.17.1.ppc64le",
"product": {
"name": "libarchive13-3.7.2-150600.3.17.1.ppc64le",
"product_id": "libarchive13-3.7.2-150600.3.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.7.2-150600.3.17.1.s390x",
"product": {
"name": "bsdtar-3.7.2-150600.3.17.1.s390x",
"product_id": "bsdtar-3.7.2-150600.3.17.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.7.2-150600.3.17.1.s390x",
"product": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.s390x",
"product_id": "libarchive-devel-3.7.2-150600.3.17.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive13-3.7.2-150600.3.17.1.s390x",
"product": {
"name": "libarchive13-3.7.2-150600.3.17.1.s390x",
"product_id": "libarchive13-3.7.2-150600.3.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.7.2-150600.3.17.1.x86_64",
"product": {
"name": "bsdtar-3.7.2-150600.3.17.1.x86_64",
"product_id": "bsdtar-3.7.2-150600.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"product": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"product_id": "libarchive-devel-3.7.2-150600.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.7.2-150600.3.17.1.x86_64",
"product": {
"name": "libarchive13-3.7.2-150600.3.17.1.x86_64",
"product_id": "libarchive13-3.7.2-150600.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-32bit-3.7.2-150600.3.17.1.x86_64",
"product": {
"name": "libarchive13-32bit-3.7.2-150600.3.17.1.x86_64",
"product_id": "libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.7.2-150600.3.17.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "bsdtar-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.7.2-150600.3.17.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.2-150600.3.17.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "libarchive13-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-32bit-3.7.2-150600.3.17.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
},
"product_reference": "libarchive13-32bit-3.7.2-150600.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5914"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5914",
"url": "https://www.suse.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "SUSE Bug 1244272 for CVE-2025-5914",
"url": "https://bugzilla.suse.com/1244272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-31T07:18:45Z",
"details": "important"
}
],
"title": "CVE-2025-5914"
},
{
"cve": "CVE-2025-5915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5915"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5915",
"url": "https://www.suse.com/security/cve/CVE-2025-5915"
},
{
"category": "external",
"summary": "SUSE Bug 1244273 for CVE-2025-5915",
"url": "https://bugzilla.suse.com/1244273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-31T07:18:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-5915"
},
{
"cve": "CVE-2025-5916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5916"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5916",
"url": "https://www.suse.com/security/cve/CVE-2025-5916"
},
{
"category": "external",
"summary": "SUSE Bug 1244270 for CVE-2025-5916",
"url": "https://bugzilla.suse.com/1244270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-31T07:18:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-5916"
},
{
"cve": "CVE-2025-5917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5917"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an \u0027off-by-one\u0027 miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5917",
"url": "https://www.suse.com/security/cve/CVE-2025-5917"
},
{
"category": "external",
"summary": "SUSE Bug 1244332 for CVE-2025-5917",
"url": "https://bugzilla.suse.com/1244332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-31T07:18:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-5917"
},
{
"cve": "CVE-2025-5918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5918"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5918",
"url": "https://www.suse.com/security/cve/CVE-2025-5918"
},
{
"category": "external",
"summary": "SUSE Bug 1244279 for CVE-2025-5918",
"url": "https://bugzilla.suse.com/1244279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libarchive13-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:bsdtar-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive-devel-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.aarch64",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.ppc64le",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.s390x",
"openSUSE Leap 15.6:libarchive13-3.7.2-150600.3.17.1.x86_64",
"openSUSE Leap 15.6:libarchive13-32bit-3.7.2-150600.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-31T07:18:45Z",
"details": "low"
}
],
"title": "CVE-2025-5918"
}
]
}
SUSE-SU-2025:02718-1
Vulnerability from csaf_suse - Published: 2025-08-06 13:55 - Updated: 2025-08-06 13:55Summary
Security update for libarchive
Severity
Moderate
Notes
Title of the patch: Security update for libarchive
Description of the patch: This update for libarchive fixes the following issues:
- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)
- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273)
- CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336)
- CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279)
Patchnames: SUSE-2025-2718,SUSE-SLE-Micro-5.3-2025-2718,SUSE-SLE-Micro-5.4-2025-2718,SUSE-SLE-Micro-5.5-2025-2718
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libarchive",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libarchive fixes the following issues:\n\n- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)\n- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273)\n- CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)\n- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336)\n- CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2718,SUSE-SLE-Micro-5.3-2025-2718,SUSE-SLE-Micro-5.4-2025-2718,SUSE-SLE-Micro-5.5-2025-2718",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02718-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02718-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502718-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02718-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041132.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244270",
"url": "https://bugzilla.suse.com/1244270"
},
{
"category": "self",
"summary": "SUSE Bug 1244272",
"url": "https://bugzilla.suse.com/1244272"
},
{
"category": "self",
"summary": "SUSE Bug 1244273",
"url": "https://bugzilla.suse.com/1244273"
},
{
"category": "self",
"summary": "SUSE Bug 1244279",
"url": "https://bugzilla.suse.com/1244279"
},
{
"category": "self",
"summary": "SUSE Bug 1244336",
"url": "https://bugzilla.suse.com/1244336"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5918/"
}
],
"title": "Security update for libarchive",
"tracking": {
"current_release_date": "2025-08-06T13:55:09Z",
"generator": {
"date": "2025-08-06T13:55:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02718-1",
"initial_release_date": "2025-08-06T13:55:09Z",
"revision_history": [
{
"date": "2025-08-06T13:55:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"product_id": "bsdtar-3.5.1-150400.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"product_id": "libarchive13-3.5.1-150400.3.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-64bit-3.5.1-150400.3.21.1.aarch64_ilp32",
"product": {
"name": "libarchive13-64bit-3.5.1-150400.3.21.1.aarch64_ilp32",
"product_id": "libarchive13-64bit-3.5.1-150400.3.21.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.i586",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.i586",
"product_id": "bsdtar-3.5.1-150400.3.21.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.i586",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.i586",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.i586",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.i586",
"product_id": "libarchive13-3.5.1-150400.3.21.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.ppc64le",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.ppc64le",
"product_id": "bsdtar-3.5.1-150400.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"product_id": "libarchive13-3.5.1-150400.3.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.s390x",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.s390x",
"product_id": "bsdtar-3.5.1-150400.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.s390x",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.s390x",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.s390x",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.s390x",
"product_id": "libarchive13-3.5.1-150400.3.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"product_id": "bsdtar-3.5.1-150400.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"product_id": "libarchive13-3.5.1-150400.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-32bit-3.5.1-150400.3.21.1.x86_64",
"product": {
"name": "libarchive13-32bit-3.5.1-150400.3.21.1.x86_64",
"product_id": "libarchive13-32bit-3.5.1-150400.3.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5914"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5914",
"url": "https://www.suse.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "SUSE Bug 1244272 for CVE-2025-5914",
"url": "https://bugzilla.suse.com/1244272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-06T13:55:09Z",
"details": "important"
}
],
"title": "CVE-2025-5914"
},
{
"cve": "CVE-2025-5915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5915"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5915",
"url": "https://www.suse.com/security/cve/CVE-2025-5915"
},
{
"category": "external",
"summary": "SUSE Bug 1244273 for CVE-2025-5915",
"url": "https://bugzilla.suse.com/1244273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-06T13:55:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-5915"
},
{
"cve": "CVE-2025-5916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5916"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5916",
"url": "https://www.suse.com/security/cve/CVE-2025-5916"
},
{
"category": "external",
"summary": "SUSE Bug 1244270 for CVE-2025-5916",
"url": "https://bugzilla.suse.com/1244270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-06T13:55:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-5916"
},
{
"cve": "CVE-2025-5917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5917"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an \u0027off-by-one\u0027 miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5917",
"url": "https://www.suse.com/security/cve/CVE-2025-5917"
},
{
"category": "external",
"summary": "SUSE Bug 1244332 for CVE-2025-5917",
"url": "https://bugzilla.suse.com/1244332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-06T13:55:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-5917"
},
{
"cve": "CVE-2025-5918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5918"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5918",
"url": "https://www.suse.com/security/cve/CVE-2025-5918"
},
{
"category": "external",
"summary": "SUSE Bug 1244279 for CVE-2025-5918",
"url": "https://bugzilla.suse.com/1244279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-06T13:55:09Z",
"details": "low"
}
],
"title": "CVE-2025-5918"
}
]
}
SUSE-SU-2025:02718-2
Vulnerability from csaf_suse - Published: 2025-08-20 09:46 - Updated: 2025-08-20 09:46Summary
Security update for libarchive
Severity
Moderate
Notes
Title of the patch: Security update for libarchive
Description of the patch: This update for libarchive fixes the following issues:
- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)
- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273)
- CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336)
- CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279)
Patchnames: SUSE-2025-2718,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2718,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2718,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2718,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2718,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2718,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2718,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2718,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2718,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2718,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2718
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
68 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
68 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
68 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
68 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
68 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libarchive",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libarchive fixes the following issues:\n\n- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)\n- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273)\n- CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)\n- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336)\n- CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2718,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2718,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2718,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2718,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2718,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2718,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2718,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2718,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2718,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2718,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2718",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02718-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02718-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502718-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02718-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041311.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244270",
"url": "https://bugzilla.suse.com/1244270"
},
{
"category": "self",
"summary": "SUSE Bug 1244272",
"url": "https://bugzilla.suse.com/1244272"
},
{
"category": "self",
"summary": "SUSE Bug 1244273",
"url": "https://bugzilla.suse.com/1244273"
},
{
"category": "self",
"summary": "SUSE Bug 1244279",
"url": "https://bugzilla.suse.com/1244279"
},
{
"category": "self",
"summary": "SUSE Bug 1244336",
"url": "https://bugzilla.suse.com/1244336"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5918/"
}
],
"title": "Security update for libarchive",
"tracking": {
"current_release_date": "2025-08-20T09:46:47Z",
"generator": {
"date": "2025-08-20T09:46:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02718-2",
"initial_release_date": "2025-08-20T09:46:47Z",
"revision_history": [
{
"date": "2025-08-20T09:46:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"product_id": "bsdtar-3.5.1-150400.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"product_id": "libarchive13-3.5.1-150400.3.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-64bit-3.5.1-150400.3.21.1.aarch64_ilp32",
"product": {
"name": "libarchive13-64bit-3.5.1-150400.3.21.1.aarch64_ilp32",
"product_id": "libarchive13-64bit-3.5.1-150400.3.21.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.i586",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.i586",
"product_id": "bsdtar-3.5.1-150400.3.21.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.i586",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.i586",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.i586"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.i586",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.i586",
"product_id": "libarchive13-3.5.1-150400.3.21.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.ppc64le",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.ppc64le",
"product_id": "bsdtar-3.5.1-150400.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"product_id": "libarchive13-3.5.1-150400.3.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.s390x",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.s390x",
"product_id": "bsdtar-3.5.1-150400.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.s390x",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.s390x",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.s390x",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.s390x",
"product_id": "libarchive13-3.5.1-150400.3.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"product": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"product_id": "bsdtar-3.5.1-150400.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"product": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"product_id": "libarchive-devel-3.5.1-150400.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"product": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"product_id": "libarchive13-3.5.1-150400.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "libarchive13-32bit-3.5.1-150400.3.21.1.x86_64",
"product": {
"name": "libarchive13-32bit-3.5.1-150400.3.21.1.x86_64",
"product_id": "libarchive13-32bit-3.5.1-150400.3.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy LTS 4.3",
"product": {
"name": "SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy-lts:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server LTS 4.3",
"product": {
"name": "SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server-lts:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdtar-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "bsdtar-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.s390x as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive-devel-3.5.1-150400.3.21.1.x86_64 as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.ppc64le as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.s390x as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.5.1-150400.3.21.1.x86_64 as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
},
"product_reference": "libarchive13-3.5.1-150400.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5914"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5914",
"url": "https://www.suse.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "SUSE Bug 1244272 for CVE-2025-5914",
"url": "https://bugzilla.suse.com/1244272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T09:46:47Z",
"details": "important"
}
],
"title": "CVE-2025-5914"
},
{
"cve": "CVE-2025-5915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5915"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5915",
"url": "https://www.suse.com/security/cve/CVE-2025-5915"
},
{
"category": "external",
"summary": "SUSE Bug 1244273 for CVE-2025-5915",
"url": "https://bugzilla.suse.com/1244273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T09:46:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-5915"
},
{
"cve": "CVE-2025-5916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5916"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5916",
"url": "https://www.suse.com/security/cve/CVE-2025-5916"
},
{
"category": "external",
"summary": "SUSE Bug 1244270 for CVE-2025-5916",
"url": "https://bugzilla.suse.com/1244270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T09:46:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-5916"
},
{
"cve": "CVE-2025-5917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5917"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an \u0027off-by-one\u0027 miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5917",
"url": "https://www.suse.com/security/cve/CVE-2025-5917"
},
{
"category": "external",
"summary": "SUSE Bug 1244332 for CVE-2025-5917",
"url": "https://bugzilla.suse.com/1244332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T09:46:47Z",
"details": "moderate"
}
],
"title": "CVE-2025-5917"
},
{
"cve": "CVE-2025-5918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5918"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5918",
"url": "https://www.suse.com/security/cve/CVE-2025-5918"
},
{
"category": "external",
"summary": "SUSE Bug 1244279 for CVE-2025-5918",
"url": "https://bugzilla.suse.com/1244279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:bsdtar-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive-devel-3.5.1-150400.3.21.1.x86_64",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.ppc64le",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.s390x",
"SUSE Manager Server LTS 4.3:libarchive13-3.5.1-150400.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T09:46:47Z",
"details": "low"
}
],
"title": "CVE-2025-5918"
}
]
}
SUSE-SU-2025:20560-1
Vulnerability from csaf_suse - Published: 2025-08-20 11:38 - Updated: 2025-08-20 11:38Summary
Security update for libarchive
Severity
Moderate
Notes
Title of the patch: Security update for libarchive
Description of the patch: This update for libarchive fixes the following issues:
- CVE-2025-5914: Fixed double free due to an integer overflow in
the archive_read_format_rar_seek_data() function (bsc#1244272)
- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window()
at archive_read_support_format_rar.c (bsc#1244273)
- CVE-2025-5916: Fixed integer overflow while reading warc files at
archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name()
at archive_write_set_format_pax.c (bsc#1244336)
- CVE-2025-5918: Fixed past EOF read triggered for piped file
streams (bsc#1244279)
Patchnames: SUSE-SLE-Micro-6.0-427
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libarchive",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libarchive fixes the following issues:\n\n- CVE-2025-5914: Fixed double free due to an integer overflow in \n the archive_read_format_rar_seek_data() function (bsc#1244272)\n- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() \n at archive_read_support_format_rar.c (bsc#1244273)\n- CVE-2025-5916: Fixed integer overflow while reading warc files at \n archive_read_support_format_warc.c (bsc#1244270)\n- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() \n at archive_write_set_format_pax.c (bsc#1244336)\n- CVE-2025-5918: Fixed past EOF read triggered for piped file \n streams (bsc#1244279)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-427",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20560-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20560-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520560-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20560-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022320.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244270",
"url": "https://bugzilla.suse.com/1244270"
},
{
"category": "self",
"summary": "SUSE Bug 1244272",
"url": "https://bugzilla.suse.com/1244272"
},
{
"category": "self",
"summary": "SUSE Bug 1244273",
"url": "https://bugzilla.suse.com/1244273"
},
{
"category": "self",
"summary": "SUSE Bug 1244279",
"url": "https://bugzilla.suse.com/1244279"
},
{
"category": "self",
"summary": "SUSE Bug 1244336",
"url": "https://bugzilla.suse.com/1244336"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5918/"
}
],
"title": "Security update for libarchive",
"tracking": {
"current_release_date": "2025-08-20T11:38:12Z",
"generator": {
"date": "2025-08-20T11:38:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20560-1",
"initial_release_date": "2025-08-20T11:38:12Z",
"revision_history": [
{
"date": "2025-08-20T11:38:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.6.2-5.1.aarch64",
"product": {
"name": "libarchive13-3.6.2-5.1.aarch64",
"product_id": "libarchive13-3.6.2-5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.6.2-5.1.s390x",
"product": {
"name": "libarchive13-3.6.2-5.1.s390x",
"product_id": "libarchive13-3.6.2-5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.6.2-5.1.x86_64",
"product": {
"name": "libarchive13-3.6.2-5.1.x86_64",
"product_id": "libarchive13-3.6.2-5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.6.2-5.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64"
},
"product_reference": "libarchive13-3.6.2-5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.6.2-5.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x"
},
"product_reference": "libarchive13-3.6.2-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.6.2-5.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
},
"product_reference": "libarchive13-3.6.2-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5914"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5914",
"url": "https://www.suse.com/security/cve/CVE-2025-5914"
},
{
"category": "external",
"summary": "SUSE Bug 1244272 for CVE-2025-5914",
"url": "https://bugzilla.suse.com/1244272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T11:38:12Z",
"details": "important"
}
],
"title": "CVE-2025-5914"
},
{
"cve": "CVE-2025-5915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5915"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5915",
"url": "https://www.suse.com/security/cve/CVE-2025-5915"
},
{
"category": "external",
"summary": "SUSE Bug 1244273 for CVE-2025-5915",
"url": "https://bugzilla.suse.com/1244273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T11:38:12Z",
"details": "moderate"
}
],
"title": "CVE-2025-5915"
},
{
"cve": "CVE-2025-5916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5916"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5916",
"url": "https://www.suse.com/security/cve/CVE-2025-5916"
},
{
"category": "external",
"summary": "SUSE Bug 1244270 for CVE-2025-5916",
"url": "https://bugzilla.suse.com/1244270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T11:38:12Z",
"details": "moderate"
}
],
"title": "CVE-2025-5916"
},
{
"cve": "CVE-2025-5917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5917"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw involves an \u0027off-by-one\u0027 miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5917",
"url": "https://www.suse.com/security/cve/CVE-2025-5917"
},
{
"category": "external",
"summary": "SUSE Bug 1244332 for CVE-2025-5917",
"url": "https://bugzilla.suse.com/1244332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T11:38:12Z",
"details": "moderate"
}
],
"title": "CVE-2025-5917"
},
{
"cve": "CVE-2025-5918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5918"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5918",
"url": "https://www.suse.com/security/cve/CVE-2025-5918"
},
{
"category": "external",
"summary": "SUSE Bug 1244279 for CVE-2025-5918",
"url": "https://bugzilla.suse.com/1244279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T11:38:12Z",
"details": "low"
}
],
"title": "CVE-2025-5918"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…