csaf_opensuse - opensuse-su-2025:15017-1

opensuse-su-2025:15017-1

Vulnerability from csaf_opensuse

Published

2025-04-23 00:00

Modified

2025-04-23 00:00

Summary

govulncheck-vulndb-0.0.20250422T181640-1.1 on GA media

Notes

Title of the patch

govulncheck-vulndb-0.0.20250422T181640-1.1 on GA media

Description of the patch

These are all security issues fixed in the govulncheck-vulndb-0.0.20250422T181640-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-15017

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "govulncheck-vulndb-0.0.20250422T181640-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250422T181640-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15017",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15017-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2025:15017-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XCF7AZBKQYAQXK32J6F54H6NREFBK2V7/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2025:15017-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XCF7AZBKQYAQXK32J6F54H6NREFBK2V7/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-15119 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-15119/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-1386 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-1386/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-2424 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-2424/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24358 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24358/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-2475 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-2475/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24839 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24839/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-24866 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-24866/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-2564 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-2564/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27538 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27538/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27571 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27571/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27936 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27936/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-30206 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-30206/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-31363 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-31363/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32093 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32093/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32431 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32431/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32445 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32445/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32793 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32793/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32963 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32963/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-3801 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-3801/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-43970 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-43970/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-43971 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-43971/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-43972 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-43972/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-43973 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-43973/"
      }
    ],
    "title": "govulncheck-vulndb-0.0.20250422T181640-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-04-23T00:00:00Z",
      "generator": {
        "date": "2025-04-23T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15017-1",
      "initial_release_date": "2025-04-23T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-04-23T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
                  "product_id": "govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
                  "product_id": "govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
                  "product_id": "govulncheck-vulndb-0.0.20250422T181640-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64",
                  "product_id": "govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        },
        "product_reference": "govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-15119",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-15119"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-15119",
          "url": "https://www.suse.com/security/cve/CVE-2019-15119"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-15119"
    },
    {
      "cve": "CVE-2025-1386",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-1386"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-1386",
          "url": "https://www.suse.com/security/cve/CVE-2025-1386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241100 for CVE-2025-1386",
          "url": "https://bugzilla.suse.com/1241100"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-1386"
    },
    {
      "cve": "CVE-2025-2424",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-2424"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.5.x \u003c= 10.5.1, 9.11.x \u003c= 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-2424",
          "url": "https://www.suse.com/security/cve/CVE-2025-2424"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-2424"
    },
    {
      "cve": "CVE-2025-24358",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24358"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications \u0026 services. Prior to 1.7.2, gorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation of the Referer header for cross-origin requests only when it believes the request is being served over TLS. It determines this by inspecting the r.URL.Scheme value. However, this value is never populated for \"server\" requests per the Go spec, and so this check does not run in practice. This vulnerability allows an attacker who has gained XSS on a subdomain or top level domain to perform authenticated form submissions against gorilla/csrf protected targets that share the same top level domain. This vulnerability is fixed in 1.7.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24358",
          "url": "https://www.suse.com/security/cve/CVE-2025-24358"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241233 for CVE-2025-24358",
          "url": "https://bugzilla.suse.com/1241233"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-24358"
    },
    {
      "cve": "CVE-2025-2475",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-2475"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-2475",
          "url": "https://www.suse.com/security/cve/CVE-2025-2475"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-2475"
    },
    {
      "cve": "CVE-2025-24839",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24839"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to prevent Wrangler posts from triggering AI responses. This vulnerability allows users without access to the AI bot to activate it by attaching the activate_ai override property to a post via the Wrangler plugin, provided both the AI and Wrangler plugins are enabled.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24839",
          "url": "https://www.suse.com/security/cve/CVE-2025-24839"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-24839"
    },
    {
      "cve": "CVE-2025-24866",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-24866"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 9.11.x \u003c= 9.11.8   fail to enforce proper access controls on the /api/v4/audits endpoint, allowing users with delegated granular administration roles who lack access to Compliance Monitoring to retrieve User Activity Logs.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-24866",
          "url": "https://www.suse.com/security/cve/CVE-2025-24866"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-24866"
    },
    {
      "cve": "CVE-2025-2564",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-2564"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to properly enforce the \u0027Allow users to view/update archived channels\u0027 System Console setting, which allows authenticated users to view members and member information of archived channels even when this setting is disabled.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-2564",
          "url": "https://www.suse.com/security/cve/CVE-2025-2564"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-2564"
    },
    {
      "cve": "CVE-2025-27538",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27538"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.5.x \u003c= 10.5.1, 9.11.x \u003c= 9.11.9 fail to enforce MFA checks in PUT /api/v4/users/user-id/mfa when the requesting user differs from the target user ID, which allows users with edit_other_users permission to activate or deactivate MFA for other users, even if those users have not set up MFA.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27538",
          "url": "https://www.suse.com/security/cve/CVE-2025-27538"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-27538"
    },
    {
      "cve": "CVE-2025-27571",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27571"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to check the \"Allow Users to View Archived Channels\" configuration when fetching channel metadata of a post from archived channels, which allows authenticated users to access such information when a channel is archived.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27571",
          "url": "https://www.suse.com/security/cve/CVE-2025-27571"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-27571"
    },
    {
      "cve": "CVE-2025-27936",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27936"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost Plugin MSTeams versions \u003c2.1.0 and Mattermost Server  versions 10.5.x \u003c=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows  an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27936",
          "url": "https://www.suse.com/security/cve/CVE-2025-27936"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-27936"
    },
    {
      "cve": "CVE-2025-30206",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-30206"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its default configuration, allowing attackers to generate valid JWT tokens and compromise the host machine. This security flaw allows attackers to analyze the source code, discover the embedded secret, and craft legitimate JWT tokens. By forging these tokens, an attacker can successfully bypass authentication mechanisms, impersonate privileged users, and gain unauthorized administrative access. Consequently, this enables full control over the host machine, potentially leading to severe consequences such as sensitive data exposure, unauthorized command execution, privilege escalation, or further lateral movement within the network environment. This issue is patched in version 1.6.1. A workaround for this vulnerability involves replacing the hardcoded secret with a securely generated value and load it from secure configuration storage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-30206",
          "url": "https://www.suse.com/security/cve/CVE-2025-30206"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-30206"
    },
    {
      "cve": "CVE-2025-31363",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-31363"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.4.x \u003c= 10.4.2, 10.5.x \u003c= 10.5.0, 9.11.x \u003c= 9.11.9 fail to restrict domains the LLM can request to contact upstream  which allows an authenticated user to  exfiltrate data from an arbitrary server accessible to the victim via performing a prompt injection  in the AI plugin\u0027s Jira tool.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-31363",
          "url": "https://www.suse.com/security/cve/CVE-2025-31363"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-31363"
    },
    {
      "cve": "CVE-2025-32093",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32093"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the \"Edit Other Users\" permission to perform unauthorized modifications to system administrators via improper permission validation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32093",
          "url": "https://www.suse.com/security/cve/CVE-2025-32093"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32093"
    },
    {
      "cve": "CVE-2025-32431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a /../ in its path, it\u0027s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.24, 3.3.6, and 3.4.0-rc2. A workaround involves adding a `PathRegexp` rule to the matcher to prevent matching a route with a `/../` in the path.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32431",
          "url": "https://www.suse.com/security/cve/CVE-2025-32431"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32431"
    },
    {
      "cve": "CVE-2025-32445",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32445"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor CRs allow the corresponding orchestrated pod to be customized with spec.template and spec.template.container (with type k8s.io/api/core/v1.Container), thus, any specification under container such as command, args, securityContext , volumeMount can be specified, and applied to the EventSource or Sensor pod. With these, a user would be able to gain privileged access to the cluster host, if he/she specified the EventSource/Sensor CR with some particular properties under template. This vulnerability is fixed in v1.9.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32445",
          "url": "https://www.suse.com/security/cve/CVE-2025-32445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-32445"
    },
    {
      "cve": "CVE-2025-32793",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32793"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. This issue has been patched in versions 1.15.16, 1.16.9, and 1.17.3. There are no workarounds available for this issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32793",
          "url": "https://www.suse.com/security/cve/CVE-2025-32793"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-32793"
    },
    {
      "cve": "CVE-2025-32963",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32963"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the `spec.audiences` field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it. This issue has been patched in version 7.1.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32963",
          "url": "https://www.suse.com/security/cve/CVE-2025-32963"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32963"
    },
    {
      "cve": "CVE-2025-3801",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-3801"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-3801",
          "url": "https://www.suse.com/security/cve/CVE-2025-3801"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-3801"
    },
    {
      "cve": "CVE-2025-43970",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-43970"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-43970",
          "url": "https://www.suse.com/security/cve/CVE-2025-43970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1246518 for CVE-2025-43970",
          "url": "https://bugzilla.suse.com/1246518"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-43970"
    },
    {
      "cve": "CVE-2025-43971",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-43971"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-43971",
          "url": "https://www.suse.com/security/cve/CVE-2025-43971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241606 for CVE-2025-43971",
          "url": "https://bugzilla.suse.com/1241606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-43971"
    },
    {
      "cve": "CVE-2025-43972",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-43972"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-43972",
          "url": "https://www.suse.com/security/cve/CVE-2025-43972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1246521 for CVE-2025-43972",
          "url": "https://bugzilla.suse.com/1246521"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-43972"
    },
    {
      "cve": "CVE-2025-43973",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-43973"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
          "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-43973",
          "url": "https://www.suse.com/security/cve/CVE-2025-43973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.aarch64",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.ppc64le",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.s390x",
            "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250422T181640-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-23T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-43973"
    }
  ]
}

CVE-2025-24866 (GCVE-0-2025-24866)

Vulnerability from cvelistv5

Published

2025-04-10 15:33

Modified

2025-04-10 15:43

Severity ?

2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 9.11.x <= 9.11.8 fail to enforce proper access controls on the /api/v4/audits endpoint, allowing users with delegated granular administration roles who lack access to Compliance Monitoring to retrieve User Activity Logs.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 9.11.0 ≤ 9.11.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24866",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-10T15:43:44.796100Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-10T15:43:54.351Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "9.11.8",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.5.0"
            },
            {
              "status": "unaffected",
              "version": "9.11.9"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "BasilJawan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 9.11.x \u0026lt;= 9.11.8\u0026nbsp; fail to enforce proper access controls on the /api/v4/audits endpoint, allowing users with delegated granular administration roles who lack access to Compliance Monitoring to retrieve User Activity Logs.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 9.11.x \u003c= 9.11.8\u00a0 fail to enforce proper access controls on the /api/v4/audits endpoint, allowing users with delegated granular administration roles who lack access to Compliance Monitoring to retrieve User Activity Logs."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-10T15:33:21.882Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.5.0, 9.11.9 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.5.0, 9.11.9 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00416",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-62020"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Unauthorized Access to User Activity Logs API by delegated granular administration roles",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-24866",
    "datePublished": "2025-04-10T15:33:21.882Z",
    "dateReserved": "2025-03-20T08:20:28.204Z",
    "dateUpdated": "2025-04-10T15:43:54.351Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1386 (GCVE-0-2025-1386)

Vulnerability from cvelistv5

Published

2025-04-11 04:27

Modified

2025-04-11 16:01

Severity ?

5.9 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

Query smuggling

Summary

When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream.

References

►

URL

Tags

https://github.com/ClickHouse/ch-go/security/advisories/GHSA-m454-3xv7-qj85

Impacted products

	Vendor	Product	Version
	ch-go	ch-go	Version: 0 < 0.65.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1386",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-11T14:48:34.359780Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-444",
                "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-11T16:01:28.660Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/ClickHouse/ch-go",
          "defaultStatus": "unaffected",
          "packageName": "ch-go",
          "product": "ch-go",
          "repo": "https://github.com/ClickHouse/ch-go",
          "vendor": "ch-go",
          "versions": [
            {
              "lessThan": "0.65.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "lixts"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-66",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-66 SQL Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Query smuggling",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-11T04:34:41.036Z",
        "orgId": "cb7ba516-3b07-4c98-b0c2-715220f1a8f6",
        "shortName": "ClickHouse"
      },
      "references": [
        {
          "url": "https://github.com/ClickHouse/ch-go/security/advisories/GHSA-m454-3xv7-qj85"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Query smuggling in ch-go library",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb7ba516-3b07-4c98-b0c2-715220f1a8f6",
    "assignerShortName": "ClickHouse",
    "cveId": "CVE-2025-1386",
    "datePublished": "2025-04-11T04:27:35.846Z",
    "dateReserved": "2025-02-17T02:21:07.315Z",
    "dateUpdated": "2025-04-11T16:01:28.660Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-2475 (GCVE-0-2025-2475)

Vulnerability from cvelistv5

Published

2025-04-14 14:49

Modified

2025-04-14 14:59

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-303 - Incorrect Implementation of Authentication Algorithm

Summary

Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.1 Version: 10.4.0 ≤ 10.4.3 Version: 9.11.0 ≤ 9.11.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2475",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T14:59:10.451579Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T14:59:27.677Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.1",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.4.3",
              "status": "affected",
              "version": "10.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.9",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.2"
            },
            {
              "status": "unaffected",
              "version": "10.4.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "eAhmed"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.5.x \u0026lt;= 10.5.1, 10.4.x \u0026lt;= 10.4.3, 9.11.x \u0026lt;= 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-303",
              "description": "CWE-303: Incorrect Implementation of Authentication Algorithm",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-14T14:49:36.261Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00437",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-62836"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Unauthorized Bot Login Using Credentials",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-2475",
    "datePublished": "2025-04-14T14:49:36.261Z",
    "dateReserved": "2025-03-17T20:09:08.696Z",
    "dateUpdated": "2025-04-14T14:59:27.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-2564 (GCVE-0-2025-2564)

Vulnerability from cvelistv5

Published

2025-04-16 16:12

Modified

2025-04-17 19:41

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to properly enforce the 'Allow users to view/update archived channels' System Console setting, which allows authenticated users to view members and member information of archived channels even when this setting is disabled.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.1 Version: 10.4.0 ≤ 10.4.3 Version: 9.11.0 ≤ 9.11.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2564",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T18:05:36.313478Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-17T19:41:45.158Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.1",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.4.3",
              "status": "affected",
              "version": "10.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.9",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.2"
            },
            {
              "status": "unaffected",
              "version": "10.4.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "hackit_bharat"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.5.x \u0026lt;= 10.5.1, 10.4.x \u0026lt;= 10.4.3, 9.11.x \u0026lt;= 9.11.9 fail to properly enforce the \u0027Allow users to view/update archived channels\u0027 System Console setting, which allows authenticated users to view members and member information of archived channels even when this setting is disabled.\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to properly enforce the \u0027Allow users to view/update archived channels\u0027 System Console setting, which allows authenticated users to view members and member information of archived channels even when this setting is disabled."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T16:12:14.742Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00436",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-62797"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Unauthorized View Access to Archived Channel Member Info",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-2564",
    "datePublished": "2025-04-16T16:12:14.742Z",
    "dateReserved": "2025-03-20T15:06:29.971Z",
    "dateUpdated": "2025-04-17T19:41:45.158Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24358 (GCVE-0-2025-24358)

Vulnerability from cvelistv5

Published

2025-04-15 18:57

Modified

2025-05-01 11:02

Severity ?

5.4 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

CWE

CWE-352 - Cross-Site Request Forgery (CSRF)

Summary

gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services. Prior to 1.7.2, gorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation of the Referer header for cross-origin requests only when it believes the request is being served over TLS. It determines this by inspecting the r.URL.Scheme value. However, this value is never populated for "server" requests per the Go spec, and so this check does not run in practice. This vulnerability allows an attacker who has gained XSS on a subdomain or top level domain to perform authenticated form submissions against gorilla/csrf protected targets that share the same top level domain. This vulnerability is fixed in 1.7.2.

References

►

URL

Tags

	https://github.com/gorilla/csrf/security/advisories/GHSA-rq77-p4h8-4crw	x_refsource_CONFIRM
	https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	gorilla	csrf	Version: < 1.7.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24358",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T19:53:35.649680Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T20:03:47.479Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-01T11:02:45.986Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "csrf",
          "vendor": "gorilla",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.7.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications \u0026 services. Prior to 1.7.2, gorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation of the Referer header for cross-origin requests only when it believes the request is being served over TLS. It determines this by inspecting the r.URL.Scheme value. However, this value is never populated for \"server\" requests per the Go spec, and so this check does not run in practice. This vulnerability allows an attacker who has gained XSS on a subdomain or top level domain to perform authenticated form submissions against gorilla/csrf protected targets that share the same top level domain. This vulnerability is fixed in 1.7.2."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CWE-352: Cross-Site Request Forgery (CSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-15T18:57:40.559Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/gorilla/csrf/security/advisories/GHSA-rq77-p4h8-4crw",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/gorilla/csrf/security/advisories/GHSA-rq77-p4h8-4crw"
        },
        {
          "name": "https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb"
        }
      ],
      "source": {
        "advisory": "GHSA-rq77-p4h8-4crw",
        "discovery": "UNKNOWN"
      },
      "title": "gorilla/csrf CSRF vulnerability due to broken Referer validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-24358",
    "datePublished": "2025-04-15T18:57:40.559Z",
    "dateReserved": "2025-01-20T15:18:26.989Z",
    "dateUpdated": "2025-05-01T11:02:45.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32445 (GCVE-0-2025-32445)

Vulnerability from cvelistv5

Published

2025-04-15 19:22

Modified

2025-04-15 20:07

Severity ?

9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-250 - Execution with Unnecessary Privileges

Summary

Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor CRs allow the corresponding orchestrated pod to be customized with spec.template and spec.template.container (with type k8s.io/api/core/v1.Container), thus, any specification under container such as command, args, securityContext , volumeMount can be specified, and applied to the EventSource or Sensor pod. With these, a user would be able to gain privileged access to the cluster host, if he/she specified the EventSource/Sensor CR with some particular properties under template. This vulnerability is fixed in v1.9.6.

References

►

URL

Tags

	https://github.com/argoproj/argo-events/security/advisories/GHSA-hmp7-x699-cvhq	x_refsource_CONFIRM
	https://github.com/argoproj/argo-events/commit/18412293a699f559848b00e6e459c9ce2de0d3e2	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	argoproj	argo-events	Version: < 1.9.6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32445",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T20:06:43.801084Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T20:07:10.640Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-events",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.9.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor CRs allow the corresponding orchestrated pod to be customized with spec.template and spec.template.container (with type k8s.io/api/core/v1.Container), thus, any specification under container such as command, args, securityContext , volumeMount can be specified, and applied to the EventSource or Sensor pod. With these, a user would be able to gain privileged access to the cluster host, if he/she specified the EventSource/Sensor CR with some particular properties under template. This vulnerability is fixed in v1.9.6."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250: Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-15T19:22:36.051Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/argoproj/argo-events/security/advisories/GHSA-hmp7-x699-cvhq",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-events/security/advisories/GHSA-hmp7-x699-cvhq"
        },
        {
          "name": "https://github.com/argoproj/argo-events/commit/18412293a699f559848b00e6e459c9ce2de0d3e2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-events/commit/18412293a699f559848b00e6e459c9ce2de0d3e2"
        }
      ],
      "source": {
        "advisory": "GHSA-hmp7-x699-cvhq",
        "discovery": "UNKNOWN"
      },
      "title": "Users can gain privileged access to the host system and cluster with EventSource and Sensor CR"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-32445",
    "datePublished": "2025-04-15T19:22:36.051Z",
    "dateReserved": "2025-04-08T10:54:58.369Z",
    "dateUpdated": "2025-04-15T20:07:10.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-43970 (GCVE-0-2025-43970)

Vulnerability from cvelistv5

Published

2025-04-21 00:00

Modified

2025-04-21 01:56

Severity ?

4.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-1284 - Improper Validation of Specified Quantity in Input

Summary

An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).

References

►

URL

Tags

	https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0
	https://github.com/osrg/gobgp/commit/5153bafbe8dbe1a2f02a70bbf0365e98b80e47b0

Impacted products

	Vendor	Product	Version
	GoBGP	GoBGP	Version: 0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-43970",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T01:55:58.901977Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T01:56:11.101Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "GoBGP",
          "vendor": "GoBGP",
          "versions": [
            {
              "lessThan": "3.35.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-21T01:13:53.787Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0"
        },
        {
          "url": "https://github.com/osrg/gobgp/commit/5153bafbe8dbe1a2f02a70bbf0365e98b80e47b0"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-43970",
    "datePublished": "2025-04-21T00:00:00.000Z",
    "dateReserved": "2025-04-21T00:00:00.000Z",
    "dateUpdated": "2025-04-21T01:56:11.101Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-30206 (GCVE-0-2025-30206)

Vulnerability from cvelistv5

Published

2025-04-15 19:14

Modified

2025-04-15 19:58

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-321 - Use of Hard-coded Cryptographic Key
CWE-453 - Insecure Default Variable Initialization
CWE-547 - Use of Hard-coded, Security-relevant Constants

Summary

Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its default configuration, allowing attackers to generate valid JWT tokens and compromise the host machine. This security flaw allows attackers to analyze the source code, discover the embedded secret, and craft legitimate JWT tokens. By forging these tokens, an attacker can successfully bypass authentication mechanisms, impersonate privileged users, and gain unauthorized administrative access. Consequently, this enables full control over the host machine, potentially leading to severe consequences such as sensitive data exposure, unauthorized command execution, privilege escalation, or further lateral movement within the network environment. This issue is patched in version 1.6.1. A workaround for this vulnerability involves replacing the hardcoded secret with a securely generated value and load it from secure configuration storage.

References

►

URL

Tags

https://github.com/donknap/dpanel/security/advisories/GHSA-j752-cjcj-w847

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	donknap	dpanel	Version: < 1.6.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-30206",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T19:58:33.579367Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T19:58:52.725Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "dpanel",
          "vendor": "donknap",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.6.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its default configuration, allowing attackers to generate valid JWT tokens and compromise the host machine. This security flaw allows attackers to analyze the source code, discover the embedded secret, and craft legitimate JWT tokens. By forging these tokens, an attacker can successfully bypass authentication mechanisms, impersonate privileged users, and gain unauthorized administrative access. Consequently, this enables full control over the host machine, potentially leading to severe consequences such as sensitive data exposure, unauthorized command execution, privilege escalation, or further lateral movement within the network environment. This issue is patched in version 1.6.1. A workaround for this vulnerability involves replacing the hardcoded secret with a securely generated value and load it from secure configuration storage."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321: Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-453",
              "description": "CWE-453: Insecure Default Variable Initialization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-547",
              "description": "CWE-547: Use of Hard-coded, Security-relevant Constants",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-15T19:14:41.450Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/donknap/dpanel/security/advisories/GHSA-j752-cjcj-w847",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/donknap/dpanel/security/advisories/GHSA-j752-cjcj-w847"
        }
      ],
      "source": {
        "advisory": "GHSA-j752-cjcj-w847",
        "discovery": "UNKNOWN"
      },
      "title": "Dpanel\u0027s hard-coded JWT secret leads to remote code execution"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-30206",
    "datePublished": "2025-04-15T19:14:41.450Z",
    "dateReserved": "2025-03-18T18:15:13.849Z",
    "dateUpdated": "2025-04-15T19:58:52.725Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24839 (GCVE-0-2025-24839)

Vulnerability from cvelistv5

Published

2025-04-16 07:44

Modified

2025-04-16 14:34

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to prevent Wrangler posts from triggering AI responses. This vulnerability allows users without access to the AI bot to activate it by attaching the activate_ai override property to a post via the Wrangler plugin, provided both the AI and Wrangler plugins are enabled.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.1 Version: 10.4.0 ≤ 10.4.3 Version: 9.11.0 ≤ 9.11.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24839",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T14:20:01.830079Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T14:34:44.172Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.1",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.4.3",
              "status": "affected",
              "version": "10.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.9",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.2"
            },
            {
              "status": "unaffected",
              "version": "10.4.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Juho Fors\u00e9n"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Mattermost versions 10.5.x \u0026lt;= 10.5.1, 10.4.x \u0026lt;= 10.4.3, 9.11.x \u0026lt;= 9.11.9 fail to prevent Wrangler posts from triggering AI responses. This vulnerability allows users without access to the AI bot to activate it by attaching the activate_ai override property to a post via the Wrangler plugin, provided both the AI and Wrangler plugins are enabled.\u003cbr\u003e"
            }
          ],
          "value": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to prevent Wrangler posts from triggering AI responses. This vulnerability allows users without access to the AI bot to activate it by attaching the activate_ai override property to a post via the Wrangler plugin, provided both the AI and Wrangler plugins are enabled."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T07:44:20.844Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00410",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-61788"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Unauthorized AI bot activation via Wrangler plugin",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-24839",
    "datePublished": "2025-04-16T07:44:20.844Z",
    "dateReserved": "2025-04-08T07:50:19.645Z",
    "dateUpdated": "2025-04-16T14:34:44.172Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-27571 (GCVE-0-2025-27571)

Vulnerability from cvelistv5

Published

2025-04-16 07:45

Modified

2025-04-16 14:34

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to check the "Allow Users to View Archived Channels" configuration when fetching channel metadata of a post from archived channels, which allows authenticated users to access such information when a channel is archived.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.1 Version: 10.4.0 ≤ 10.4.3 Version: 9.11.0 ≤ 9.11.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-27571",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T14:19:48.223409Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T14:34:19.313Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.1",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.4.3",
              "status": "affected",
              "version": "10.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.9",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.2"
            },
            {
              "status": "unaffected",
              "version": "10.4.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "hackit_bharat"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.5.x \u0026lt;= 10.5.1, 10.4.x \u0026lt;= 10.4.3, 9.11.x \u0026lt;= 9.11.9 fail to check the \"Allow Users to View Archived Channels\" configuration when fetching channel metadata of a post from archived channels, which allows authenticated users to access such information when a channel is archived.\u0026nbsp;\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to check the \"Allow Users to View Archived Channels\" configuration when fetching channel metadata of a post from archived channels, which allows authenticated users to access such information when a channel is archived."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T07:45:58.802Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00452",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-63192"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Channel metadata visible in archived channels despite configuration setting",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-27571",
    "datePublished": "2025-04-16T07:45:58.802Z",
    "dateReserved": "2025-04-08T07:50:19.660Z",
    "dateUpdated": "2025-04-16T14:34:19.313Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32793 (GCVE-0-2025-32793)

Vulnerability from cvelistv5

Published

2025-04-21 15:34

Modified

2025-04-21 15:48

Severity ?

4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

CWE

CWE-319 - Cleartext Transmission of Sensitive Information

Summary

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. This issue has been patched in versions 1.15.16, 1.16.9, and 1.17.3. There are no workarounds available for this issue.

References

►

URL

Tags

	https://github.com/cilium/cilium/security/advisories/GHSA-5vxx-c285-pcq4	x_refsource_CONFIRM
	https://github.com/cilium/cilium/pull/38592	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	cilium	cilium	Version: >= v1.13.0, < v1.15.16 Version: >= v1.16.0, < v1.16.9 Version: >= v1.17.0, < v1.17.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32793",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T15:48:39.310786Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T15:48:55.214Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "cilium",
          "vendor": "cilium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= v1.13.0, \u003c v1.15.16"
            },
            {
              "status": "affected",
              "version": "\u003e= v1.16.0, \u003c v1.16.9"
            },
            {
              "status": "affected",
              "version": "\u003e= v1.17.0, \u003c v1.17.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. This issue has been patched in versions 1.15.16, 1.16.9, and 1.17.3. There are no workarounds available for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319: Cleartext Transmission of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-21T15:34:14.315Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/cilium/cilium/security/advisories/GHSA-5vxx-c285-pcq4",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/cilium/cilium/security/advisories/GHSA-5vxx-c285-pcq4"
        },
        {
          "name": "https://github.com/cilium/cilium/pull/38592",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cilium/cilium/pull/38592"
        }
      ],
      "source": {
        "advisory": "GHSA-5vxx-c285-pcq4",
        "discovery": "UNKNOWN"
      },
      "title": "Cilium packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-32793",
    "datePublished": "2025-04-21T15:34:14.315Z",
    "dateReserved": "2025-04-10T12:51:12.281Z",
    "dateUpdated": "2025-04-21T15:48:55.214Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32963 (GCVE-0-2025-32963)

Vulnerability from cvelistv5

Published

2025-04-22 17:14

Modified

2025-04-25 16:03

Severity ?

6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

CWE-522 - Insufficiently Protected Credentials

Summary

MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the `spec.audiences` field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it. This issue has been patched in version 7.1.0.

References

►

URL

Tags

	https://github.com/minio/operator/security/advisories/GHSA-7m6v-q233-q9j9	x_refsource_CONFIRM
	https://github.com/minio/operator/releases/tag/v7.1.0	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	minio	operator	Version: < 7.1.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32963",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-24T19:56:29.253678Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-25T16:03:14.020Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "operator",
          "vendor": "minio",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.1.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the `spec.audiences` field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it. This issue has been patched in version 7.1.0."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-522",
              "description": "CWE-522: Insufficiently Protected Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-22T17:14:56.958Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/minio/operator/security/advisories/GHSA-7m6v-q233-q9j9",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/minio/operator/security/advisories/GHSA-7m6v-q233-q9j9"
        },
        {
          "name": "https://github.com/minio/operator/releases/tag/v7.1.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/minio/operator/releases/tag/v7.1.0"
        }
      ],
      "source": {
        "advisory": "GHSA-7m6v-q233-q9j9",
        "discovery": "UNKNOWN"
      },
      "title": "Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-32963",
    "datePublished": "2025-04-22T17:14:56.958Z",
    "dateReserved": "2025-04-14T21:47:11.453Z",
    "dateUpdated": "2025-04-25T16:03:14.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32431 (GCVE-0-2025-32431)

Vulnerability from cvelistv5

Published

2025-04-21 15:34

Modified

2025-04-21 15:55

Severity ?

8.8 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Summary

Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a /../ in its path, it’s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.24, 3.3.6, and 3.4.0-rc2. A workaround involves adding a `PathRegexp` rule to the matcher to prevent matching a route with a `/../` in the path.

References

►

URL

Tags

	https://github.com/traefik/traefik/security/advisories/GHSA-6p68-w45g-48j7	x_refsource_CONFIRM
	https://github.com/traefik/traefik/pull/11684	x_refsource_MISC
	https://github.com/traefik/traefik/releases/tag/v2.11.24	x_refsource_MISC
	https://github.com/traefik/traefik/releases/tag/v3.3.6	x_refsource_MISC
	https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	traefik	traefik	Version: < 2.11.24 Version: < 3.3.6 Version: >= 3.4.0-rc1, < 3.4.0-rc2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32431",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T15:55:08.342564Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T15:55:15.087Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "traefik",
          "vendor": "traefik",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.11.24"
            },
            {
              "status": "affected",
              "version": "\u003c 3.3.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.4.0-rc1, \u003c 3.4.0-rc2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a /../ in its path, it\u2019s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.24, 3.3.6, and 3.4.0-rc2. A workaround involves adding a `PathRegexp` rule to the matcher to prevent matching a route with a `/../` in the path."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-21T15:34:04.637Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/traefik/traefik/security/advisories/GHSA-6p68-w45g-48j7",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/traefik/traefik/security/advisories/GHSA-6p68-w45g-48j7"
        },
        {
          "name": "https://github.com/traefik/traefik/pull/11684",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/traefik/traefik/pull/11684"
        },
        {
          "name": "https://github.com/traefik/traefik/releases/tag/v2.11.24",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/traefik/traefik/releases/tag/v2.11.24"
        },
        {
          "name": "https://github.com/traefik/traefik/releases/tag/v3.3.6",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/traefik/traefik/releases/tag/v3.3.6"
        },
        {
          "name": "https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2"
        }
      ],
      "source": {
        "advisory": "GHSA-6p68-w45g-48j7",
        "discovery": "UNKNOWN"
      },
      "title": "Traefik has a possible vulnerability with the path matchers"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-32431",
    "datePublished": "2025-04-21T15:34:04.637Z",
    "dateReserved": "2025-04-08T10:54:58.368Z",
    "dateUpdated": "2025-04-21T15:55:15.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3801 (GCVE-0-2025-3801)

Vulnerability from cvelistv5

Published

2025-04-19 14:00

Modified

2025-04-21 13:53

Severity ?

4.8 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2.4 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
2.4 (Low) - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

CWE

CWE-79 - Cross Site Scripting
CWE-94 - Code Injection

Summary

A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

References

►

URL

Tags

	https://vuldb.com/?id.305655	vdb-entry, technical-description
	https://vuldb.com/?ctiid.305655	signature, permissions-required
	https://vuldb.com/?submit.554702	third-party-advisory
	https://github.com/yaowenxiao721/Poc/blob/main/One-API/One-API-poc.md	exploit

Impacted products

	Vendor	Product	Version
	songquanpeng	one-api	Version: 0.6.0 Version: 0.6.1 Version: 0.6.2 Version: 0.6.3 Version: 0.6.4 Version: 0.6.5 Version: 0.6.6 Version: 0.6.7 Version: 0.6.8 Version: 0.6.9 Version: 0.6.10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3801",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T13:50:08.241382Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T13:53:30.617Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "System Setting Handler"
          ],
          "product": "one-api",
          "vendor": "songquanpeng",
          "versions": [
            {
              "status": "affected",
              "version": "0.6.0"
            },
            {
              "status": "affected",
              "version": "0.6.1"
            },
            {
              "status": "affected",
              "version": "0.6.2"
            },
            {
              "status": "affected",
              "version": "0.6.3"
            },
            {
              "status": "affected",
              "version": "0.6.4"
            },
            {
              "status": "affected",
              "version": "0.6.5"
            },
            {
              "status": "affected",
              "version": "0.6.6"
            },
            {
              "status": "affected",
              "version": "0.6.7"
            },
            {
              "status": "affected",
              "version": "0.6.8"
            },
            {
              "status": "affected",
              "version": "0.6.9"
            },
            {
              "status": "affected",
              "version": "0.6.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "yaowenxiao (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in songquanpeng one-api bis 0.6.10 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente System Setting Handler. Durch das Beeinflussen des Arguments Homepage Content/About System/Footer mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 3.3,
            "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Cross Site Scripting",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Code Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-21T13:50:46.422Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-305655 | songquanpeng one-api System Setting cross site scripting",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.305655"
        },
        {
          "name": "VDB-305655 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.305655"
        },
        {
          "name": "Submit #554702 | one api latest XSS",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.554702"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/yaowenxiao721/Poc/blob/main/One-API/One-API-poc.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-18T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-04-18T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-04-21T15:55:41.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "songquanpeng one-api System Setting cross site scripting"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-3801",
    "datePublished": "2025-04-19T14:00:11.397Z",
    "dateReserved": "2025-04-18T14:16:33.651Z",
    "dateUpdated": "2025-04-21T13:53:30.617Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-27538 (GCVE-0-2025-27538)

Vulnerability from cvelistv5

Published

2025-04-16 07:45

Modified

2025-04-16 14:34

Severity ?

2.2 (Low) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-306 - Missing Authentication for Critical Function

Summary

Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to enforce MFA checks in PUT /api/v4/users/user-id/mfa when the requesting user differs from the target user ID, which allows users with edit_other_users permission to activate or deactivate MFA for other users, even if those users have not set up MFA.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.1 Version: 9.11.0 ≤ 9.11.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-27538",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T14:19:54.492915Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T14:34:29.842Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.1",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.9",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.2"
            },
            {
              "status": "unaffected",
              "version": "9.11.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "0x7oda7123"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.5.x \u0026lt;= 10.5.1, 9.11.x \u0026lt;= 9.11.9 fail to enforce MFA checks in PUT /api/v4/users/user-id/mfa when the requesting user differs from the target user ID, which allows users with edit_other_users permission to activate or deactivate MFA for other users, even if those users have not set up MFA.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.5.x \u003c= 10.5.1, 9.11.x \u003c= 9.11.9 fail to enforce MFA checks in PUT /api/v4/users/user-id/mfa when the requesting user differs from the target user ID, which allows users with edit_other_users permission to activate or deactivate MFA for other users, even if those users have not set up MFA."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306: Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T07:45:01.229Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.6.0, 10.5.2, 9.11.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.6.0, 10.5.2, 9.11.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00453",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-63194"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "MFA Enforcement Bypass Allows Unauthorized Removal of MFA for Other Users",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-27538",
    "datePublished": "2025-04-16T07:45:01.229Z",
    "dateReserved": "2025-04-08T07:50:19.654Z",
    "dateUpdated": "2025-04-16T14:34:29.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-31363 (GCVE-0-2025-31363)

Vulnerability from cvelistv5

Published

2025-04-16 09:14

Modified

2025-04-16 14:33

Severity ?

3.0 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N

CWE

CWE-1426 - Improper Validation of Generative AI Output

Summary

Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.9 fail to restrict domains the LLM can request to contact upstream which allows an authenticated user to exfiltrate data from an arbitrary server accessible to the victim via performing a prompt injection in the AI plugin's Jira tool.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.4.0 ≤ 10.4.2 Version: 10.5.0 Version: 9.11.0 ≤ 9.11.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-31363",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T14:19:20.968987Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T14:33:01.674Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.4.2",
              "status": "affected",
              "version": "10.4.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "10.5.0"
            },
            {
              "lessThanOrEqual": "9.11.9",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.4.3"
            },
            {
              "status": "unaffected",
              "version": "10.5.1"
            },
            {
              "status": "unaffected",
              "version": "9.11.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Juho Fors\u00e9n"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.4.x \u0026lt;= 10.4.2, 10.5.x \u0026lt;= 10.5.0, 9.11.x \u0026lt;= 9.11.9 fail to restrict domains the LLM can request to contact upstream\u0026nbsp;which allows an authenticated user to\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eexfiltrate data from an arbitrary server accessible to the victim via\u003c/span\u003e performing a prompt injection\u0026nbsp;in the AI plugin\u0027s Jira tool.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.4.x \u003c= 10.4.2, 10.5.x \u003c= 10.5.0, 9.11.x \u003c= 9.11.9 fail to restrict domains the LLM can request to contact upstream\u00a0which allows an authenticated user to\u00a0exfiltrate data from an arbitrary server accessible to the victim via performing a prompt injection\u00a0in the AI plugin\u0027s Jira tool."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1426",
              "description": "CWE-1426: Improper Validation of Generative AI Output",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T09:14:15.992Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.6.0, 10.4.3, 10.5.1, 9.11.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.6.0, 10.4.3, 10.5.1, 9.11.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00401",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-61473"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Data exfiltration via AI plugin Jira tool",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-31363",
    "datePublished": "2025-04-16T09:14:15.992Z",
    "dateReserved": "2025-04-08T07:50:19.617Z",
    "dateUpdated": "2025-04-16T14:33:01.674Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-2424 (GCVE-0-2025-2424)

Vulnerability from cvelistv5

Published

2025-04-14 14:49

Modified

2025-04-14 15:00

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.1 Version: 9.11.0 ≤ 9.11.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2424",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T15:00:27.361408Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T15:00:45.367Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.1",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.9",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.2"
            },
            {
              "status": "unaffected",
              "version": "9.11.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "vultza (vultza)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.5.x \u0026lt;= 10.5.1, 9.11.x \u0026lt;= 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.5.x \u003c= 10.5.1, 9.11.x \u003c= 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-14T14:49:35.783Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.6.0, 10.5.2, 9.11.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.6.0, 10.5.2, 9.11.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00397",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-61374"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Leaked Metadata of Deleted Files via Bookmark Creation",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-2424",
    "datePublished": "2025-04-14T14:49:35.783Z",
    "dateReserved": "2025-03-17T14:44:42.044Z",
    "dateUpdated": "2025-04-14T15:00:45.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15119 (GCVE-0-2019-15119)

Vulnerability from cvelistv5

Published

2019-08-16 14:02

Modified

2024-08-05 00:34

Severity ?

CWE

Summary

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user.

References

►

URL

Tags

	https://github.com/cnlh/nps/issues/176	x_refsource_MISC
	https://github.com/cnlh/nps/commit/7178b3380720e910d283036a8d39879a94105515	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:34:53.253Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/cnlh/nps/issues/176"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/cnlh/nps/commit/7178b3380720e910d283036a8d39879a94105515"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-16T14:02:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cnlh/nps/issues/176"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cnlh/nps/commit/7178b3380720e910d283036a8d39879a94105515"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15119",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/cnlh/nps/issues/176",
              "refsource": "MISC",
              "url": "https://github.com/cnlh/nps/issues/176"
            },
            {
              "name": "https://github.com/cnlh/nps/commit/7178b3380720e910d283036a8d39879a94105515",
              "refsource": "MISC",
              "url": "https://github.com/cnlh/nps/commit/7178b3380720e910d283036a8d39879a94105515"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15119",
    "datePublished": "2019-08-16T14:02:31",
    "dateReserved": "2019-08-16T00:00:00",
    "dateUpdated": "2024-08-05T00:34:53.253Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-43971 (GCVE-0-2025-43971)

Vulnerability from cvelistv5

Published

2025-04-21 00:00

Modified

2025-04-21 01:55

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-193 - Off-by-one Error

Summary

An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.

References

►

URL

Tags

	https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0
	https://github.com/osrg/gobgp/commit/08a001e06d90e8bcc190084c66992f46f62c0986

Impacted products

	Vendor	Product	Version
	GoBGP	GoBGP	Version: 0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-43971",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T01:55:09.319012Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T01:55:21.073Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "GoBGP",
          "vendor": "GoBGP",
          "versions": [
            {
              "lessThan": "3.35.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-193",
              "description": "CWE-193 Off-by-one Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-21T00:58:46.302Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0"
        },
        {
          "url": "https://github.com/osrg/gobgp/commit/08a001e06d90e8bcc190084c66992f46f62c0986"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-43971",
    "datePublished": "2025-04-21T00:00:00.000Z",
    "dateReserved": "2025-04-21T00:00:00.000Z",
    "dateUpdated": "2025-04-21T01:55:21.073Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-43972 (GCVE-0-2025-43972)

Vulnerability from cvelistv5

Published

2025-04-21 00:00

Modified

2025-04-21 01:54

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-1284 - Improper Validation of Specified Quantity in Input

Summary

An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.

References

►

URL

Tags

	https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0
	https://github.com/osrg/gobgp/commit/ca7383f450f7b296c5389feceef2467de5ab6e5a

Impacted products

	Vendor	Product	Version
	GoBGP	GoBGP	Version: 0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-43972",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T01:54:18.521455Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T01:54:34.786Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "GoBGP",
          "vendor": "GoBGP",
          "versions": [
            {
              "lessThan": "3.35.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-21T01:03:32.309Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0"
        },
        {
          "url": "https://github.com/osrg/gobgp/commit/ca7383f450f7b296c5389feceef2467de5ab6e5a"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-43972",
    "datePublished": "2025-04-21T00:00:00.000Z",
    "dateReserved": "2025-04-21T00:00:00.000Z",
    "dateUpdated": "2025-04-21T01:54:34.786Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-27936 (GCVE-0-2025-27936)

Vulnerability from cvelistv5

Published

2025-04-16 09:14

Modified

2025-04-16 14:32

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-208 - Observable Timing Discrepancy

Summary

Mattermost Plugin MSTeams versions <2.1.0 and Mattermost Server versions 10.5.x <=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-27936",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T14:19:16.252929Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T14:32:45.176Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.1",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Juho Fors\u00e9n"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost Plugin MSTeams versions \u0026lt;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e2.1.0 and Mattermost Server\u0026nbsp;\u003c/span\u003eversions 10.5.x \u0026lt;=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows\u0026nbsp;an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison. \u003c/p\u003e"
            }
          ],
          "value": "Mattermost Plugin MSTeams versions \u003c2.1.0 and Mattermost Server\u00a0versions 10.5.x \u003c=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows\u00a0an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208: Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T09:14:55.095Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost Plugin MSTeams to version 2.1.1 or Mattermost Server to versions 10.6.0, 10.5.2 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost Plugin MSTeams to version 2.1.1 or Mattermost Server to versions 10.6.0, 10.5.2 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00450",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-63147"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Webhook Secret Exposure via Timing attack in MSteams plugin",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-27936",
    "datePublished": "2025-04-16T09:14:55.095Z",
    "dateReserved": "2025-04-08T11:14:14.689Z",
    "dateUpdated": "2025-04-16T14:32:45.176Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32093 (GCVE-0-2025-32093)

Vulnerability from cvelistv5

Published

2025-04-14 06:57

Modified

2025-04-14 13:58

Severity ?

4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the "Edit Other Users" permission to perform unauthorized modifications to system administrators via improper permission validation.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.1 Version: 10.4.0 ≤ 10.4.3 Version: 9.11.0 ≤ 9.11.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32093",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T13:58:05.225412Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T13:58:29.741Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.1",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.4.3",
              "status": "affected",
              "version": "10.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.9",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.6.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.2"
            },
            {
              "status": "unaffected",
              "version": "10.4.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bob10x1"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.5.x \u0026lt;= 10.5.1, 10.4.x \u0026lt;= 10.4.3, 9.11.x \u0026lt;= 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the \"Edit Other Users\" permission to perform unauthorized modifications to system administrators via improper permission validation.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.5.x \u003c= 10.5.1, 10.4.x \u003c= 10.4.3, 9.11.x \u003c= 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the \"Edit Other Users\" permission to perform unauthorized modifications to system administrators via improper permission validation."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-14T06:57:54.208Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.6.0, 10.5.2, 10.4.4, 9.11.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00447",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-62686"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Syatem admin profile modification by delegated granular administration role",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-32093",
    "datePublished": "2025-04-14T06:57:54.208Z",
    "dateReserved": "2025-04-08T07:50:19.639Z",
    "dateUpdated": "2025-04-14T13:58:29.741Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-43973 (GCVE-0-2025-43973)

Vulnerability from cvelistv5

Published

2025-04-21 00:00

Modified

2025-04-21 01:52

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-193 - Off-by-one Error

Summary

An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.

References

►

URL

Tags

	https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0
	https://github.com/osrg/gobgp/commit/5693c58a4815cc6327b8d3b6980f0e5aced28abe

Impacted products

	Vendor	Product	Version
	GoBGP	GoBGP	Version: 0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-43973",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T01:52:43.385247Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T01:52:59.432Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "GoBGP",
          "vendor": "GoBGP",
          "versions": [
            {
              "lessThan": "3.35.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-193",
              "description": "CWE-193 Off-by-one Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-21T01:09:40.356Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0"
        },
        {
          "url": "https://github.com/osrg/gobgp/commit/5693c58a4815cc6327b8d3b6980f0e5aced28abe"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-43973",
    "datePublished": "2025-04-21T00:00:00.000Z",
    "dateReserved": "2025-04-21T00:00:00.000Z",
    "dateUpdated": "2025-04-21T01:52:59.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

opensuse-su-2025:15017-1

Vulnerability from csaf_opensuse

CVE-2025-24866 (GCVE-0-2025-24866)

Vulnerability from cvelistv5

CVE-2025-1386 (GCVE-0-2025-1386)

Vulnerability from cvelistv5

CVE-2025-2475 (GCVE-0-2025-2475)

Vulnerability from cvelistv5

CVE-2025-2564 (GCVE-0-2025-2564)

Vulnerability from cvelistv5

CVE-2025-24358 (GCVE-0-2025-24358)

Vulnerability from cvelistv5

CVE-2025-32445 (GCVE-0-2025-32445)

Vulnerability from cvelistv5

CVE-2025-43970 (GCVE-0-2025-43970)

Vulnerability from cvelistv5

CVE-2025-30206 (GCVE-0-2025-30206)

Vulnerability from cvelistv5

CVE-2025-24839 (GCVE-0-2025-24839)

Vulnerability from cvelistv5

CVE-2025-27571 (GCVE-0-2025-27571)

Vulnerability from cvelistv5

CVE-2025-32793 (GCVE-0-2025-32793)

Vulnerability from cvelistv5

CVE-2025-32963 (GCVE-0-2025-32963)

Vulnerability from cvelistv5

CVE-2025-32431 (GCVE-0-2025-32431)

Vulnerability from cvelistv5

CVE-2025-3801 (GCVE-0-2025-3801)

Vulnerability from cvelistv5

CVE-2025-27538 (GCVE-0-2025-27538)

Vulnerability from cvelistv5

CVE-2025-31363 (GCVE-0-2025-31363)

Vulnerability from cvelistv5

CVE-2025-2424 (GCVE-0-2025-2424)

Vulnerability from cvelistv5

CVE-2019-15119 (GCVE-0-2019-15119)

Vulnerability from cvelistv5

CVE-2025-43971 (GCVE-0-2025-43971)

Vulnerability from cvelistv5

CVE-2025-43972 (GCVE-0-2025-43972)

Vulnerability from cvelistv5

CVE-2025-27936 (GCVE-0-2025-27936)

Vulnerability from cvelistv5

CVE-2025-32093 (GCVE-0-2025-32093)

Vulnerability from cvelistv5

CVE-2025-43973 (GCVE-0-2025-43973)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature