rhsa-2025:10738
Vulnerability from csaf_redhat
Published
2025-07-09 15:20
Modified
2025-08-19 15:18
Summary
Red Hat Security Advisory: Kiali 2.4.7 for Red Hat OpenShift Service Mesh 3.0

Notes

Topic
Kiali 2.4.7 for Red Hat OpenShift Service Mesh 3.0
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Kiali 2.4.7, for Red Hat OpenShift Service Mesh 3.0, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.
Security Fix(es):
* openshift-service-mesh/kiali-ossmc-rhel9: pbkdf2 silently returns predictable key material (CVE-2025-6545)
* openshift-service-mesh/kiali-ossmc-rhel9: pbkdf2 silently returns static keys (CVE-2025-6547)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Kiali 2.4.7 for Red Hat OpenShift Service Mesh 3.0\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Kiali 2.4.7, for Red Hat OpenShift Service Mesh 3.0, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently\nSecurity Fix(es):\n* openshift-service-mesh/kiali-ossmc-rhel9: pbkdf2 silently returns predictable key material (CVE-2025-6545) * openshift-service-mesh/kiali-ossmc-rhel9: pbkdf2 silently returns static keys (CVE-2025-6547)\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:10738",
        "url": "https://access.redhat.com/errata/RHSA-2025:10738"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-6545",
        "url": "https://access.redhat.com/security/cve/CVE-2025-6545"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-6547",
        "url": "https://access.redhat.com/security/cve/CVE-2025-6547"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification",
        "url": "https://access.redhat.com/security/updates/classification"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10738.json"
      }
    ],
    "title": "Red Hat Security Advisory: Kiali 2.4.7 for Red Hat OpenShift Service Mesh 3.0",
    "tracking": {
      "current_release_date": "2025-08-19T15:18:22+00:00",
      "generator": {
        "date": "2025-08-19T15:18:22+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2025:10738",
      "initial_release_date": "2025-07-09T15:20:25+00:00",
      "revision_history": [
        {
          "date": "2025-07-09T15:20:25+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-07-09T15:20:31+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-19T15:18:22+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Service Mesh 3.0",
                "product": {
                  "name": "Red Hat OpenShift Service Mesh 3.0",
                  "product_id": "Red Hat OpenShift Service Mesh 3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:service_mesh:3.0::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Service Mesh"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9@sha256%3A8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751549742"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-operator-bundle@sha256%3A86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=9.4-1751554068"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9-operator@sha256%3A284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751438375"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Ab6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751549390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9@sha256%3Ad22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751549742"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9-operator@sha256%3Aeb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751438375"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751549390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9@sha256%3A2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751549742"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9-operator@sha256%3A4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751438375"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Ae344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751549390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9@sha256%3A0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751549742"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-rhel9-operator@sha256%3Aa8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751438375"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.4.7-1751549390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
          "product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-6545",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2025-06-23T19:00:51.575615+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2374370"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pbkdf2: pbkdf2 silently returns predictable key material",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is rated Important because it causes the pbkdf2 module to quietly return weak or zero-filled keys when certain algorithm names are used incorrectly in browsers or bundled code. In those cases the function silently returns a predictable value (such as a zero-filled buffer or uninitialized memory) instead of a securely derived key, completely undermining the confidentiality and integrity of any cryptographic operation that depends on it, since attackers could guess or reuse these keys to access or change protected data.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-6545"
        },
        {
          "category": "external",
          "summary": "RHBZ#2374370",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374370"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-6545",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078",
          "url": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
          "url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6",
          "url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6"
        }
      ],
      "release_date": "2025-06-23T18:41:18.771000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-07-09T15:20:25+00:00",
          "details": "See Kiali 2.4.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0/html/observability/kiali-operator-provided-by-red-hat",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:10738"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pbkdf2: pbkdf2 silently returns predictable key material"
    },
    {
      "cve": "CVE-2025-6547",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2025-06-23T20:01:13.559691+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2374378"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. Under specific use cases, pbkdf2 may return static keys. This issue only occurs when running the library on Node.js.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pbkdf2: pbkdf2 silently returns static keys",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as Important severity because of a logic flaw in the npm pbkdf2 library: the toBuffer method causes password and salt inputs provided as Uint8Array objects to be silently ignored. This results in the function returning a static, predictable key derived from empty inputs, completely undermining the security guarantees of any feature that relies on the generated key. This allows an attacker to forge signatures, leading to a complete compromise of the application\u0027s data confidentiality, integrity, and availability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
          "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-6547"
        },
        {
          "category": "external",
          "summary": "RHBZ#2374378",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374378"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-6547",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6547",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6547"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
          "url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59",
          "url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59"
        }
      ],
      "release_date": "2025-06-23T19:00:45.472000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-07-09T15:20:25+00:00",
          "details": "See Kiali 2.4.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0/html/observability/kiali-operator-provided-by-red-hat",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:10738"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:86eecafcc67decea003dea06852c210885b67196ff59a617cb5036f0d2bed37e_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:14dd5a2f47a4f8d6002c3dad016ed2a38152a6620791434e6c984a792e71ba1c_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:42de033cb085879e97b82ac80ba5df78f568e9bd1c16dd3ce8a962c90954dc2f_arm64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b6b9606667f2b9577fa32952ceb99eae5ddca422e6752ebee17db9b83f375365_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e344632439c338ef64c568d8031db9c95928cb97708b0cad9cfdbe584748d1da_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:284b003614b2523a5078eaeda51502dc84d0f1de6b1e7eac78bee2663b38fbdc_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:4e14fb285eb5db7aba0b5af906eee76e204bc8f6bdce39cf62681252dd8974c6_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a8a4b880e0dd172019888a7e26d14d23b6f155a3d4f576561ddcb5778bbe1e67_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:eb3134b269571b504b33437f464058ae0993d88e7d043f2cfb0a8f4d69ec8edc_arm64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0da2382a21654cb2d53be2eab65ac2ad9a43b98153702b77d74d48eccd4f72b8_s390x",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2055c60709600b67eab9a70a4ec437f065f85247fa5955466b8c0370962093d1_ppc64le",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8a92df3d16b2c5b865567a8cd9663b0c41c46f2aef6b62e412da7bb0b963339f_amd64",
            "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d22c1524e11d770dac4108b403b035fc74746b83b10cb68eed480ce6d5334503_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pbkdf2: pbkdf2 silently returns static keys"
    }
  ]
}

