csaf_opensuse - opensuse-su-2025:14732-1

opensuse-su-2025:14732-1

Vulnerability from csaf_opensuse

Published

2025-02-05 00:00

Modified

2025-02-05 00:00

Summary

govulncheck-vulndb-0.0.20250204T220613-1.1 on GA media

Notes

Title of the patch

govulncheck-vulndb-0.0.20250204T220613-1.1 on GA media

Description of the patch

These are all security issues fixed in the govulncheck-vulndb-0.0.20250204T220613-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-14732

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "govulncheck-vulndb-0.0.20250204T220613-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250204T220613-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-14732",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14732-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11741 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-35177 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-35177/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-47770 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-47770/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-23216 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-23216/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24371 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24371/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24376 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24376/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24784 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24784/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24883 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24883/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24884 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24884/"
      }
    ],
    "title": "govulncheck-vulndb-0.0.20250204T220613-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-02-05T00:00:00Z",
      "generator": {
        "date": "2025-02-05T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:14732-1",
      "initial_release_date": "2025-02-05T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-02-05T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
                  "product_id": "govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
                  "product_id": "govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
                  "product_id": "govulncheck-vulndb-0.0.20250204T220613-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64",
                  "product_id": "govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-11741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Grafana is an open-source platform for monitoring and observability. \nThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 11.5.0, 11.4.1, 11.3.3,   11.2.6, 11.1.11, 11.0.11 and 10.4.15",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11741",
          "url": "https://www.suse.com/security/cve/CVE-2024-11741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236734 for CVE-2024-11741",
          "url": "https://bugzilla.suse.com/1236734"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11741"
    },
    {
      "cve": "CVE-2024-35177",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-35177"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by placing one of the many DLL that are loaded and not present on the system in the installation folder of the agent OR by replacing the service executable binary itself with a malicious one. The root cause is an improper ACL applied on the installation folder when a non-default installation path is specified (e.g,: C:\\wazuh). Many DLLs are loaded from the installation folder and by creating a malicious DLLs that exports the functions of a legit one (and that is not found on the system where the agent is installed, such as rsync.dll) it is possible to escalate privileges from a low-privileged user and obtain code execution under the context of NT AUTHORITY\\SYSTEM. This issue has been addressed in version 4.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-35177",
          "url": "https://www.suse.com/security/cve/CVE-2024-35177"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-35177"
    },
    {
      "cve": "CVE-2024-47770",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-47770"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access, that allows an attacker to do privilege escalation. In this case the attacker is able to view agent list on Wazuh dashboard with no privilege access. This issue has been addressed in release version 4.9.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-47770",
          "url": "https://www.suse.com/security/cve/CVE-2024-47770"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-47770"
    },
    {
      "cve": "CVE-2025-23216",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-23216"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write access to the repository and can exploit it, either intentionally or unintentionally, by committing an invalid Secret to repository and triggering a Sync. Once exploited, any user with read access to Argo CD can view the exposed secret data. The vulnerability is fixed in v2.13.4, v2.12.10, and v2.11.13.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-23216",
          "url": "https://www.suse.com/security/cve/CVE-2025-23216"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-23216"
    },
    {
      "cve": "CVE-2025-24371",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24371"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the `blocksync` protocol peers send their `base` and `latest` heights when they connect to a new node (`A`), which is syncing to the tip of a network. `base` acts as a lower ground and informs `A` that the peer only has blocks starting from height `base`. `latest` height informs `A` about the latest block in a network. Normally, nodes would only report increasing heights. If `B` fails to provide the latest block, `B` is removed and the `latest` height (target height) is recalculated based on other nodes `latest` heights. The existing code however doesn\u0027t check for the case where `B` first reports `latest` height `X` and immediately after height `Y`, where `X \u003e Y`. `A` will be trying to catch up to 2000 indefinitely. This condition requires the introduction of malicious code in the full node first reporting some non-existing `latest` height, then reporting lower `latest` height and nodes which are syncing using `blocksync` protocol. This issue has been patched in versions 1.0.1 and 0.38.17 and all users are advised to upgrade. Operators may attempt to ban malicious peers from the network as a workaround.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24371",
          "url": "https://www.suse.com/security/cve/CVE-2025-24371"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-24371"
    },
    {
      "cve": "CVE-2025-24376",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24376"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolicy and by the AdmissionPolicyGroup policies because of their sensitive nature. For example, PolicyReport are namespaced resources that contain the list of non compliant objects found inside of a namespace. An attacker can use either an AdmissionPolicy or an AdmissionPolicyGroup to prevent the creation and update of PolicyReport objects to hide non-compliant resources. Moreover, the same attacker might use a mutating AdmissionPolicy to alter the contents of the PolicyReport created inside of the namespace. Starting from the 1.21.0 release, the validation rules applied to AdmissionPolicy and AdmissionPolicyGroup have been tightened to prevent them from validating sensitive types of namespaced resources.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24376",
          "url": "https://www.suse.com/security/cve/CVE-2025-24376"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-24376"
    },
    {
      "cve": "CVE-2025-24784",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24784"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it\u0027s considered safe to allow non-admin users to create and manage these resources in the namespaces they own. Kubewarden policies can be allowed to query the Kubernetes API at evaluation time; these types of policies are called \"context aware\". Context aware policies can perform list and get operations against a Kubernetes cluster. The queries are done using the ServiceAccount of the Policy Server instance that hosts the policy. That means that access to the cluster is determined by the RBAC rules that apply to that ServiceAccount. The AdmissionPolicyGroup CRD allowed the deployment of context aware policies. This could allow an attacker to obtain information about resources that are out of their reach, by leveraging a higher access to the cluster granted to the ServiceAccount token used to run the policy. The impact of this vulnerability depends on the privileges that have been granted to the ServiceAccount used to run the Policy Server and assumes that users are using the recommended best practices of keeping the Policy Server\u0027s ServiceAccount least privileged. By default, the Kubewarden helm chart grants access to the following resources (cluster wide) only: Namespace, Pod, Deployment and Ingress. This vulnerability is fixed in 1.21.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24784",
          "url": "https://www.suse.com/security/cve/CVE-2025-24784"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-24784"
    },
    {
      "cve": "CVE-2025-24883",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24883"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24883",
          "url": "https://www.suse.com/security/cve/CVE-2025-24883"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-24883"
    },
    {
      "cve": "CVE-2025-24884",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24884"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the \"full-elastic-stack\" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24884",
          "url": "https://www.suse.com/security/cve/CVE-2025-24884"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250204T220613-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-24884"
    }
  ]
}

CVE-2024-47770 (GCVE-0-2024-47770)

Vulnerability from cvelistv5

Published

2025-02-03 21:34

Modified

2025-02-04 17:25

Severity ?

4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

CWE

CWE-269 - Improper Privilege Management

Summary

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access, that allows an attacker to do privilege escalation. In this case the attacker is able to view agent list on Wazuh dashboard with no privilege access. This issue has been addressed in release version 4.9.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

References

►

URL

Tags

https://github.com/wazuh/wazuh/security/advisories/GHSA-648q-8m78-5cwv

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	wazuh	wazuh	Version: < 4.9.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47770",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T17:24:55.439566Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-04T17:25:17.568Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/wazuh/wazuh/security/advisories/GHSA-648q-8m78-5cwv"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "wazuh",
          "vendor": "wazuh",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.9.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access, that allows an attacker to do privilege escalation. In this case the attacker is able to view agent list on Wazuh dashboard with no privilege access. This issue has been addressed in release version 4.9.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269: Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-03T21:34:06.742Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/wazuh/wazuh/security/advisories/GHSA-648q-8m78-5cwv",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/wazuh/wazuh/security/advisories/GHSA-648q-8m78-5cwv"
        }
      ],
      "source": {
        "advisory": "GHSA-648q-8m78-5cwv",
        "discovery": "UNKNOWN"
      },
      "title": "Ability to view Agent list with no privilege access in wazuh-dashboard"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-47770",
    "datePublished": "2025-02-03T21:34:06.742Z",
    "dateReserved": "2024-09-30T21:28:53.232Z",
    "dateUpdated": "2025-02-04T17:25:17.568Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11741 (GCVE-0-2024-11741)

Vulnerability from cvelistv5

Published

2025-01-31 15:12

Modified

2025-05-09 20:03

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Summary

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15

References

►

URL

Tags

https://grafana.com/security/security-advisories/cve-2024-11741/

Impacted products

	Vendor	Product	Version
	Grafana	Grafana	Version: 11.4.0 < 11.4.1 Version: 11.3.0 < 11.3.3 Version: 11.2.0 < 11.2.6 Version: 11.1.0 < 11.1.11 Version: 10.4.0 < 10.4.15

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11741",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-31T15:31:59.645050Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-31T15:32:13.294Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-09T20:03:33.716Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250509-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Grafana",
          "vendor": "Grafana",
          "versions": [
            {
              "lessThan": "11.4.1",
              "status": "affected",
              "version": "11.4.0",
              "versionType": "custom"
            },
            {
              "lessThan": "11.3.3",
              "status": "affected",
              "version": "11.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "11.2.6",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "11.1.11",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "lessThan": "10.4.15",
              "status": "affected",
              "version": "10.4.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Grafana is an open-source platform for monitoring and observability. \u003cbr\u003eThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \u003cbr\u003eFixed in versions 11.5.0, 11.4.1, 11.3.3,\u0026nbsp; 11.2.6, 11.1.11, 11.0.11 and 10.4.15"
            }
          ],
          "value": "Grafana is an open-source platform for monitoring and observability. \nThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 11.5.0, 11.4.1, 11.3.3,\u00a0 11.2.6, 11.1.11, 11.0.11 and 10.4.15"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-31T15:12:29.122Z",
        "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "shortName": "GRAFANA"
      },
      "references": [
        {
          "url": "https://grafana.com/security/security-advisories/cve-2024-11741/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
    "assignerShortName": "GRAFANA",
    "cveId": "CVE-2024-11741",
    "datePublished": "2025-01-31T15:12:29.122Z",
    "dateReserved": "2024-11-26T13:17:13.248Z",
    "dateUpdated": "2025-05-09T20:03:33.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24784 (GCVE-0-2025-24784)

Vulnerability from cvelistv5

Published

2025-01-30 15:39

Modified

2025-02-12 19:51

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-285 - Improper Authorization

Summary

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considered safe to allow non-admin users to create and manage these resources in the namespaces they own. Kubewarden policies can be allowed to query the Kubernetes API at evaluation time; these types of policies are called “context aware“. Context aware policies can perform list and get operations against a Kubernetes cluster. The queries are done using the ServiceAccount of the Policy Server instance that hosts the policy. That means that access to the cluster is determined by the RBAC rules that apply to that ServiceAccount. The AdmissionPolicyGroup CRD allowed the deployment of context aware policies. This could allow an attacker to obtain information about resources that are out of their reach, by leveraging a higher access to the cluster granted to the ServiceAccount token used to run the policy. The impact of this vulnerability depends on the privileges that have been granted to the ServiceAccount used to run the Policy Server and assumes that users are using the recommended best practices of keeping the Policy Server's ServiceAccount least privileged. By default, the Kubewarden helm chart grants access to the following resources (cluster wide) only: Namespace, Pod, Deployment and Ingress. This vulnerability is fixed in 1.21.0.

References

►

URL

Tags

	https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-756x-m4mj-q96c	x_refsource_CONFIRM
	https://github.com/kubewarden/kubewarden-controller/commit/51a88dfbb4c090ce0f76a22d98106518e0824d0b	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	kubewarden	kubewarden-controller	Version: >= 1.17.0, < 1.21.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24784",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-30T16:31:36.293301Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:51:11.887Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kubewarden-controller",
          "vendor": "kubewarden",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.17.0, \u003c 1.21.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it\u2019s considered safe to allow non-admin users to create and manage these resources in the namespaces they own. Kubewarden policies can be allowed to query the Kubernetes API at evaluation time; these types of policies are called \u201ccontext aware\u201c. Context aware policies can perform list and get operations against a Kubernetes cluster. The queries are done using the ServiceAccount of the Policy Server instance that hosts the policy. That means that access to the cluster is determined by the RBAC rules that apply to that ServiceAccount. The AdmissionPolicyGroup CRD allowed the deployment of context aware policies. This could allow an attacker to obtain information about resources that are out of their reach, by leveraging a higher access to the cluster granted to the ServiceAccount token used to run the policy. The impact of this vulnerability depends on the privileges that have been granted to the ServiceAccount used to run the Policy Server and assumes that users are using the recommended best practices of keeping the Policy Server\u0027s ServiceAccount least privileged. By default, the Kubewarden helm chart grants access to the following resources (cluster wide) only: Namespace, Pod, Deployment and Ingress. This vulnerability is fixed in 1.21.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285: Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-30T15:39:37.561Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-756x-m4mj-q96c",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-756x-m4mj-q96c"
        },
        {
          "name": "https://github.com/kubewarden/kubewarden-controller/commit/51a88dfbb4c090ce0f76a22d98106518e0824d0b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kubewarden/kubewarden-controller/commit/51a88dfbb4c090ce0f76a22d98106518e0824d0b"
        }
      ],
      "source": {
        "advisory": "GHSA-756x-m4mj-q96c",
        "discovery": "UNKNOWN"
      },
      "title": "kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-24784",
    "datePublished": "2025-01-30T15:39:37.561Z",
    "dateReserved": "2025-01-23T17:11:35.835Z",
    "dateUpdated": "2025-02-12T19:51:11.887Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24884 (GCVE-0-2025-24884)

Vulnerability from cvelistv5

Published

2025-01-29 20:15

Modified

2025-01-31 16:56

Severity ?

5.1 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
CWE-532 - Insertion of Sensitive Information into Log File

Summary

kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16.

References

►

URL

Tags

	https://github.com/RichardoC/kube-audit-rest/security/advisories/GHSA-hcr5-wv4p-h2g2	x_refsource_CONFIRM
	https://github.com/RichardoC/kube-audit-rest/commit/db1aa5b867256b0a7bf206544c6981ab068b73dc	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	RichardoC	kube-audit-rest	Version: < 1.0.16

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24884",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-31T16:55:48.284204Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-31T16:56:01.134Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kube-audit-rest",
          "vendor": "RichardoC",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.0.16"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the \"full-elastic-stack\" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-212",
              "description": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-29T20:15:39.454Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/RichardoC/kube-audit-rest/security/advisories/GHSA-hcr5-wv4p-h2g2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/RichardoC/kube-audit-rest/security/advisories/GHSA-hcr5-wv4p-h2g2"
        },
        {
          "name": "https://github.com/RichardoC/kube-audit-rest/commit/db1aa5b867256b0a7bf206544c6981ab068b73dc",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/RichardoC/kube-audit-rest/commit/db1aa5b867256b0a7bf206544c6981ab068b73dc"
        }
      ],
      "source": {
        "advisory": "GHSA-hcr5-wv4p-h2g2",
        "discovery": "UNKNOWN"
      },
      "title": "kube-audit-rest\u0027s example logging configuration could disclose secret values in the audit log"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-24884",
    "datePublished": "2025-01-29T20:15:39.454Z",
    "dateReserved": "2025-01-27T15:32:29.450Z",
    "dateUpdated": "2025-01-31T16:56:01.134Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24371 (GCVE-0-2025-24371)

Vulnerability from cvelistv5

Published

2025-02-03 21:20

Modified

2025-02-04 19:16

Severity ?

7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-703 - Improper Check or Handling of Exceptional Conditions

Summary

CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the `blocksync` protocol peers send their `base` and `latest` heights when they connect to a new node (`A`), which is syncing to the tip of a network. `base` acts as a lower ground and informs `A` that the peer only has blocks starting from height `base`. `latest` height informs `A` about the latest block in a network. Normally, nodes would only report increasing heights. If `B` fails to provide the latest block, `B` is removed and the `latest` height (target height) is recalculated based on other nodes `latest` heights. The existing code however doesn't check for the case where `B` first reports `latest` height `X` and immediately after height `Y`, where `X > Y`. `A` will be trying to catch up to 2000 indefinitely. This condition requires the introduction of malicious code in the full node first reporting some non-existing `latest` height, then reporting lower `latest` height and nodes which are syncing using `blocksync` protocol. This issue has been patched in versions 1.0.1 and 0.38.17 and all users are advised to upgrade. Operators may attempt to ban malicious peers from the network as a workaround.

References

►

URL

Tags

	https://github.com/cometbft/cometbft/security/advisories/GHSA-22qq-3xwm-r5x4	x_refsource_CONFIRM
	https://github.com/cometbft/cometbft/releases/tag/v0.38.17	x_refsource_MISC
	https://github.com/cometbft/cometbft/releases/tag/v1.0.1	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	cometbft	cometbft	Version: < 0.38.17 Version: = 1.0.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24371",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T19:15:05.677855Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-04T19:16:21.174Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "cometbft",
          "vendor": "cometbft",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.38.17"
            },
            {
              "status": "affected",
              "version": "= 1.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the `blocksync` protocol peers send their `base` and `latest` heights when they connect to a new node (`A`), which is syncing to the tip of a network. `base` acts as a lower ground and informs `A` that the peer only has blocks starting from height `base`. `latest` height informs `A` about the latest block in a network. Normally, nodes would only report increasing heights. If `B` fails to provide the latest block, `B` is removed and the `latest` height (target height) is recalculated based on other nodes `latest` heights. The existing code however doesn\u0027t check for the case where `B` first reports `latest` height `X` and immediately after height `Y`, where `X \u003e Y`. `A` will be trying to catch up to 2000 indefinitely. This condition requires the introduction of malicious code in the full node first reporting some non-existing `latest` height, then reporting lower `latest` height and nodes which are syncing using `blocksync` protocol. This issue has been patched in versions 1.0.1 and 0.38.17 and all users are advised to upgrade. Operators may attempt to ban malicious peers from the network as a workaround."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-03T21:20:56.024Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/cometbft/cometbft/security/advisories/GHSA-22qq-3xwm-r5x4",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/cometbft/cometbft/security/advisories/GHSA-22qq-3xwm-r5x4"
        },
        {
          "name": "https://github.com/cometbft/cometbft/releases/tag/v0.38.17",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cometbft/cometbft/releases/tag/v0.38.17"
        },
        {
          "name": "https://github.com/cometbft/cometbft/releases/tag/v1.0.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cometbft/cometbft/releases/tag/v1.0.1"
        }
      ],
      "source": {
        "advisory": "GHSA-22qq-3xwm-r5x4",
        "discovery": "UNKNOWN"
      },
      "title": "Malicious peer can make node stuck in blocksync in github.com/cometbft/cometbft"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-24371",
    "datePublished": "2025-02-03T21:20:56.024Z",
    "dateReserved": "2025-01-20T15:18:26.991Z",
    "dateUpdated": "2025-02-04T19:16:21.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-35177 (GCVE-0-2024-35177)

Vulnerability from cvelistv5

Published

2025-02-03 21:35

Modified

2025-02-04 15:25

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-284 - Improper Access Control

Summary

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by placing one of the many DLL that are loaded and not present on the system in the installation folder of the agent OR by replacing the service executable binary itself with a malicious one. The root cause is an improper ACL applied on the installation folder when a non-default installation path is specified (e.g,: C:\wazuh). Many DLLs are loaded from the installation folder and by creating a malicious DLLs that exports the functions of a legit one (and that is not found on the system where the agent is installed, such as rsync.dll) it is possible to escalate privileges from a low-privileged user and obtain code execution under the context of NT AUTHORITY\SYSTEM. This issue has been addressed in version 4.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

References

►

URL

Tags

https://github.com/wazuh/wazuh/security/advisories/GHSA-pmr2-2r83-h3cv

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	wazuh	wazuh	Version: >= 3.0.0, < 4.9.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-35177",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T15:25:09.484895Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-04T15:25:14.860Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "wazuh",
          "vendor": "wazuh",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.0.0, \u003c 4.9.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by placing one of the many DLL that are loaded and not present on the system in the installation folder of the agent OR by replacing the service executable binary itself with a malicious one. The root cause is an improper ACL applied on the installation folder when a non-default installation path is specified (e.g,: C:\\wazuh). Many DLLs are loaded from the installation folder and by creating a malicious DLLs that exports the functions of a legit one (and that is not found on the system where the agent is installed, such as rsync.dll) it is possible to escalate privileges from a low-privileged user and obtain code execution under the context of NT AUTHORITY\\SYSTEM. This issue has been addressed in version 4.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-03T21:35:46.430Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/wazuh/wazuh/security/advisories/GHSA-pmr2-2r83-h3cv",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/wazuh/wazuh/security/advisories/GHSA-pmr2-2r83-h3cv"
        }
      ],
      "source": {
        "advisory": "GHSA-pmr2-2r83-h3cv",
        "discovery": "UNKNOWN"
      },
      "title": "Improper Access Control in wazuh-agent"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-35177",
    "datePublished": "2025-02-03T21:35:46.430Z",
    "dateReserved": "2024-05-10T14:24:24.338Z",
    "dateUpdated": "2025-02-04T15:25:14.860Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24883 (GCVE-0-2025-24883)

Vulnerability from cvelistv5

Published

2025-01-30 15:58

Modified

2025-01-30 16:25

Severity ?

8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-248 - Uncaught Exception

Summary

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13.

References

►

URL

Tags

	https://github.com/ethereum/go-ethereum/security/advisories/GHSA-q26p-9cq4-7fc2	x_refsource_CONFIRM
	https://github.com/ethereum/go-ethereum/commit/fa9a2ff8687ec9efe57b4b9833d5590d20f8a83f	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	ethereum	go-ethereum	Version: >= 1.14.0, < 1.14.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24883",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-30T16:25:02.782529Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-30T16:25:15.290Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "go-ethereum",
          "vendor": "ethereum",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.14.0, \u003c 1.14.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248: Uncaught Exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-30T15:58:29.344Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-q26p-9cq4-7fc2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-q26p-9cq4-7fc2"
        },
        {
          "name": "https://github.com/ethereum/go-ethereum/commit/fa9a2ff8687ec9efe57b4b9833d5590d20f8a83f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ethereum/go-ethereum/commit/fa9a2ff8687ec9efe57b4b9833d5590d20f8a83f"
        }
      ],
      "source": {
        "advisory": "GHSA-q26p-9cq4-7fc2",
        "discovery": "UNKNOWN"
      },
      "title": "go-ethereum has a DoS via malicious p2p message"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-24883",
    "datePublished": "2025-01-30T15:58:10.488Z",
    "dateReserved": "2025-01-27T15:32:29.450Z",
    "dateUpdated": "2025-01-30T16:25:15.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24376 (GCVE-0-2025-24376)

Vulnerability from cvelistv5

Published

2025-01-30 15:51

Modified

2025-02-12 19:51

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CWE

CWE-285 - Improper Authorization
CWE-155 - Improper Neutralization of Wildcards or Matching Symbols

Summary

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolicy and by the AdmissionPolicyGroup policies because of their sensitive nature. For example, PolicyReport are namespaced resources that contain the list of non compliant objects found inside of a namespace. An attacker can use either an AdmissionPolicy or an AdmissionPolicyGroup to prevent the creation and update of PolicyReport objects to hide non-compliant resources. Moreover, the same attacker might use a mutating AdmissionPolicy to alter the contents of the PolicyReport created inside of the namespace. Starting from the 1.21.0 release, the validation rules applied to AdmissionPolicy and AdmissionPolicyGroup have been tightened to prevent them from validating sensitive types of namespaced resources.

References

►

URL

Tags

	https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-fc89-jghx-8pvg	x_refsource_CONFIRM
	https://github.com/kubewarden/kubewarden-controller/commit/8124039b5f0c955d0ee8c8ca12d4415282f02d2c	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	kubewarden	kubewarden-controller	Version: >= 1.7.0, < 1.21.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24376",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-30T16:30:48.623239Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:51:11.773Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kubewarden-controller",
          "vendor": "kubewarden",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.7.0, \u003c 1.21.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolicy and by the AdmissionPolicyGroup policies because of their sensitive nature. For example, PolicyReport are namespaced resources that contain the list of non compliant objects found inside of a namespace. An attacker can use either an AdmissionPolicy or an AdmissionPolicyGroup to prevent the creation and update of PolicyReport objects to hide non-compliant resources. Moreover, the same attacker might use a mutating AdmissionPolicy to alter the contents of the PolicyReport created inside of the namespace. Starting from the 1.21.0 release, the validation rules applied to AdmissionPolicy and AdmissionPolicyGroup have been tightened to prevent them from validating sensitive types of namespaced resources."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285: Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-155",
              "description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-30T15:51:46.184Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-fc89-jghx-8pvg",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-fc89-jghx-8pvg"
        },
        {
          "name": "https://github.com/kubewarden/kubewarden-controller/commit/8124039b5f0c955d0ee8c8ca12d4415282f02d2c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kubewarden/kubewarden-controller/commit/8124039b5f0c955d0ee8c8ca12d4415282f02d2c"
        }
      ],
      "source": {
        "advisory": "GHSA-fc89-jghx-8pvg",
        "discovery": "UNKNOWN"
      },
      "title": "The kubewarden-controller AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-24376",
    "datePublished": "2025-01-30T15:51:46.184Z",
    "dateReserved": "2025-01-20T15:18:26.992Z",
    "dateUpdated": "2025-02-12T19:51:11.773Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-23216 (GCVE-0-2025-23216)

Vulnerability from cvelistv5

Published

2025-01-30 15:30

Modified

2025-02-12 19:51

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-209 - Generation of Error Message Containing Sensitive Information
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Summary

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write access to the repository and can exploit it, either intentionally or unintentionally, by committing an invalid Secret to repository and triggering a Sync. Once exploited, any user with read access to Argo CD can view the exposed secret data. The vulnerability is fixed in v2.13.4, v2.12.10, and v2.11.13.

References

►

URL

Tags

	https://github.com/argoproj/argo-cd/security/advisories/GHSA-47g2-qmh2-749v	x_refsource_CONFIRM
	https://github.com/argoproj/argo-cd/commit/6f5537bdf15ddbaa0f27a1a678632ff0743e4107	x_refsource_MISC
	https://github.com/argoproj/gitops-engine/commit/7e21b91e9d0f64104c8a661f3f390c5e6d73ddca	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	argoproj	argo-cd	Version: >= 2.13.0, < 2.13.4 Version: >= 2.12.0, < 2.12.10 Version: < 2.11.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-23216",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-30T16:40:31.507364Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:51:12.285Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-cd",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.13.0, \u003c 2.13.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.12.0, \u003c 2.12.10"
            },
            {
              "status": "affected",
              "version": "\u003c 2.11.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write access to the repository and can exploit it, either intentionally or unintentionally, by committing an invalid Secret to repository and triggering a Sync. Once exploited, any user with read access to Argo CD can view the exposed secret data. The vulnerability is fixed in v2.13.4, v2.12.10, and v2.11.13."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-209",
              "description": "CWE-209: Generation of Error Message Containing Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-30T15:30:05.405Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-47g2-qmh2-749v",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-47g2-qmh2-749v"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/6f5537bdf15ddbaa0f27a1a678632ff0743e4107",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/6f5537bdf15ddbaa0f27a1a678632ff0743e4107"
        },
        {
          "name": "https://github.com/argoproj/gitops-engine/commit/7e21b91e9d0f64104c8a661f3f390c5e6d73ddca",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/gitops-engine/commit/7e21b91e9d0f64104c8a661f3f390c5e6d73ddca"
        }
      ],
      "source": {
        "advisory": "GHSA-47g2-qmh2-749v",
        "discovery": "UNKNOWN"
      },
      "title": "Argo CD does not scrub secret values from patch errors"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-23216",
    "datePublished": "2025-01-30T15:30:05.405Z",
    "dateReserved": "2025-01-13T17:15:41.051Z",
    "dateUpdated": "2025-02-12T19:51:12.285Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

opensuse-su-2025:14732-1

Vulnerability from csaf_opensuse

CVE-2024-47770 (GCVE-0-2024-47770)

Vulnerability from cvelistv5

CVE-2024-11741 (GCVE-0-2024-11741)

Vulnerability from cvelistv5

CVE-2025-24784 (GCVE-0-2025-24784)

Vulnerability from cvelistv5

CVE-2025-24884 (GCVE-0-2025-24884)

Vulnerability from cvelistv5

CVE-2025-24371 (GCVE-0-2025-24371)

Vulnerability from cvelistv5

CVE-2024-35177 (GCVE-0-2024-35177)

Vulnerability from cvelistv5

CVE-2025-24883 (GCVE-0-2025-24883)

Vulnerability from cvelistv5

CVE-2025-24376 (GCVE-0-2025-24376)

Vulnerability from cvelistv5

CVE-2025-23216 (GCVE-0-2025-23216)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature