suse-su-2025:02769-1
Vulnerability from csaf_suse
Published
2025-08-12 13:49
Modified
2025-08-12 13:49
Summary
Security update for amber-cli
Notes
Title of the patch
Security update for amber-cli
Description of the patch
This update for amber-cli fixes the following issues:
- Update to version 1.13.1+git20250329.c2e3bb8:
* CVE-2025-30204: Fixed jwt-go excessive memory
allocation during header parsing (bsc#1240511)
* jwt version upgrade (#174)
* Update policy size limit to 20k (#173)
* Update tenant user model with latest changes (#172)
* Fix/workflow (#171)
* Upgrade GO version to 1.23.6 (#170)
* Update golang jwt dependency (#169)
* Update TMS roles struct (#167)
* Update jwt dependency version (#165)
* Add changes to support JWT (#163)
* Update roles struct to be in sync with TMS (#164)
* go upgrade to 1.22.7 (#162)
* CASSINI-22266: Added permissions in ci workflow files (#153)
* Add check for missing Security.md file (#150)
* Go version upgrade to 1.22.5 (#148)
* CLI changes (#140)
* Bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.7 (#147)
* Update product model to include multiple plan IDs (#146)
* Updated the help section (#145)
* Mark policy type field as not required (#144)
* Upgrade/goversion 1.22.3 (#143)
* Remove policy type and attestation type check for policy creation (#142)
* Go version upgrade 1.22.2 (#141)
* Fix error message to include the correct set of characters (#138)
* UT coverage 80.9% (#137)
* Fix push installer workflow (#136)
* 3rd party versions upgrade (#133)
* GO version upgrade to 1.22.0 (#132)
* Fix/go version 1.21.6 (#127)
* Update API key validation regex as per latest changes (#125)
* Update API key validation regex as per latest changes (#124)
* dependency version upgrade (#123)
* Update tag create model (#121)
* CASSINI-10113: Add scans in CI (#99)
* corrected minor check condition (#120)
* Add check to validate env variable before setting (#119)
* Add version-check script (#118)
* Add file path check for invalid characters (#116)
* Update compoenent version (#117)
* Update README as per suggestions (#113) (#115)
* Added HTTP scheme validation to avoid API Key leakage (#108)
* CASSINI-10987 Golang version upgrade to 1.21.4 (#114)
* Update policy model as per the latest changes (#109)
* Remove branch info from on schedule (#106)
* Add BDBA scan to CI (#104)
* Update CLI URL (#105)
* updated licenses (#102)
* Updated version of all components to v1.0.0 for GA (#100)
* Validate the email id input before requesting list of users (#98)
* Remove redundant print statements (#97)
* Request ID and trace ID should be visible on the console for errors as well (#96)
* Update sample policy as per token profile update changes (#95)
* Update CLI name from tenantclt to inteltrustauthority (#93)
* Update the headers for request and trace id (#94)
* cassini-9466-Go version update to 1.20.6 (#91)
* Add retry logic to client in tenant CLI (#92)
* Add request-id optional parameter for each command (#90)
- Override build date with SOURCE_DATE_EPOCH (bsc#1047218)
Patchnames
SUSE-2025-2769,SUSE-SLE-Module-Server-Applications-15-SP6-2025-2769,SUSE-SLE-Module-Server-Applications-15-SP7-2025-2769,openSUSE-SLE-15.6-2025-2769
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for amber-cli",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for amber-cli fixes the following issues:\n\n- Update to version 1.13.1+git20250329.c2e3bb8:\n * CVE-2025-30204: Fixed jwt-go excessive memory \n allocation during header parsing (bsc#1240511)\n * jwt version upgrade (#174)\n * Update policy size limit to 20k (#173)\n * Update tenant user model with latest changes (#172)\n * Fix/workflow (#171)\n * Upgrade GO version to 1.23.6 (#170)\n * Update golang jwt dependency (#169)\n * Update TMS roles struct (#167)\n * Update jwt dependency version (#165)\n * Add changes to support JWT (#163)\n * Update roles struct to be in sync with TMS (#164)\n * go upgrade to 1.22.7 (#162)\n * CASSINI-22266: Added permissions in ci workflow files (#153)\n * Add check for missing Security.md file (#150)\n * Go version upgrade to 1.22.5 (#148)\n * CLI changes (#140)\n * Bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.7 (#147)\n * Update product model to include multiple plan IDs (#146)\n * Updated the help section (#145)\n * Mark policy type field as not required (#144)\n * Upgrade/goversion 1.22.3 (#143)\n * Remove policy type and attestation type check for policy creation (#142)\n * Go version upgrade 1.22.2 (#141)\n * Fix error message to include the correct set of characters (#138)\n * UT coverage 80.9% (#137)\n * Fix push installer workflow (#136)\n * 3rd party versions upgrade (#133)\n * GO version upgrade to 1.22.0 (#132)\n * Fix/go version 1.21.6 (#127)\n * Update API key validation regex as per latest changes (#125)\n * Update API key validation regex as per latest changes (#124)\n * dependency version upgrade (#123)\n * Update tag create model (#121)\n * CASSINI-10113: Add scans in CI (#99)\n * corrected minor check condition (#120)\n * Add check to validate env variable before setting (#119)\n * Add version-check script (#118)\n * Add file path check for invalid characters (#116)\n * Update compoenent version (#117)\n * Update README as per suggestions (#113) (#115)\n * Added HTTP scheme validation to avoid API Key leakage (#108)\n * CASSINI-10987 Golang version upgrade to 1.21.4 (#114)\n * Update policy model as per the latest changes (#109)\n * Remove branch info from on schedule (#106)\n * Add BDBA scan to CI (#104)\n * Update CLI URL (#105)\n * updated licenses (#102)\n * Updated version of all components to v1.0.0 for GA (#100)\n * Validate the email id input before requesting list of users (#98)\n * Remove redundant print statements (#97)\n * Request ID and trace ID should be visible on the console for errors as well (#96)\n * Update sample policy as per token profile update changes (#95)\n * Update CLI name from tenantclt to inteltrustauthority (#93)\n * Update the headers for request and trace id (#94)\n * cassini-9466-Go version update to 1.20.6 (#91)\n * Add retry logic to client in tenant CLI (#92)\n * Add request-id optional parameter for each command (#90)\n\n- Override build date with SOURCE_DATE_EPOCH (bsc#1047218)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2769,SUSE-SLE-Module-Server-Applications-15-SP6-2025-2769,SUSE-SLE-Module-Server-Applications-15-SP7-2025-2769,openSUSE-SLE-15.6-2025-2769",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02769-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02769-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502769-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02769-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041173.html"
},
{
"category": "self",
"summary": "SUSE Bug 1047218",
"url": "https://bugzilla.suse.com/1047218"
},
{
"category": "self",
"summary": "SUSE Bug 1240511",
"url": "https://bugzilla.suse.com/1240511"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30204/"
}
],
"title": "Security update for amber-cli",
"tracking": {
"current_release_date": "2025-08-12T13:49:30Z",
"generator": {
"date": "2025-08-12T13:49:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02769-1",
"initial_release_date": "2025-08-12T13:49:30Z",
"revision_history": [
{
"date": "2025-08-12T13:49:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"product": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"product_id": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.i586",
"product": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.i586",
"product_id": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"product": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"product_id": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"product": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"product_id": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"product": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"product_id": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64"
},
"product_reference": "amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-30204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30204"
}
],
"notes": [
{
"category": "general",
"text": "golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30204",
"url": "https://www.suse.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "SUSE Bug 1240441 for CVE-2025-30204",
"url": "https://bugzilla.suse.com/1240441"
},
{
"category": "external",
"summary": "SUSE Bug 1240442 for CVE-2025-30204",
"url": "https://bugzilla.suse.com/1240442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.s390x",
"openSUSE Leap 15.6:amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T13:49:30Z",
"details": "important"
}
],
"title": "CVE-2025-30204"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…